dumbwaiter-mcp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md "Streaming GitHub comment events" section shows the skill pulls user-generated PR comments/reviews/reactions from GitHub (a public third-party source) and emits notify_progress events that the agent is expected to read and react to, so untrusted content can influence agent decisions and actions.