mcp-client-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill can connect to arbitrary remote MCP servers via the Streamable HTTP transport and ingest server-provided tools, resources, and prompts (e.g., listTools/listPrompts/getPrompt, readResource, and elicitation URL mode), so the agent will read and act on untrusted third‑party content supplied by those servers or URLs.