leanmcp-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill includes an ApiService example (references/decorators.md) that uses fetch(args.endpoint) and returns response.json(), which would cause the agent to call and ingest arbitrary user-provided/public URLs and their untrusted content.