gh-grep

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly queries grep.app to retrieve real-world code from over a million public GitHub repositories (see SKILL.md "Search for real-world code examples ... via grep.app" and scripts/grep.ts embeddedServer URL "https://mcp.grep.app/"), meaning it fetches untrusted, user-generated third‑party content that the agent reads and could materially influence subsequent actions.