suggest-improvements

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly calls the Fonttrio MCP server (search_pairings, preview_pairing, install_pairing) and directs the user to fetch pairing JSON from the public site https://www.fonttrio.xyz, so it ingests content from an external public third-party source that can directly influence tool actions (search, preview, and install) in the workflow.