configure-mcp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly installs and connects to external MCP servers and remote HTTP+SSE endpoints (see REFERENCE.md "Server Configurations" with git/npm/go package URLs and "Remote MCP Servers (HTTP+SSE with OAuth)" which performs /.well-known OAuth discovery and connects to arbitrary server URLs), meaning it fetches and ingests untrusted third-party content that can influence runtime behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's REFERENCE.md contains runtime commands that fetch and execute remote code (e.g., git+https://github.com/BeehiveInnovations/pal-mcp-server.git in the "pal" args and github.com/github/github-mcp-server/cmd/github-mcp-server@latest used with "go run"), so external artifacts would be retrieved at runtime and run as MCP servers that can influence agent behavior.