serena-mcp-agent

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The ChatGPT setup instructions explicitly instruct importing an OpenAPI schema from a user-provided cloudflared URL ("<cloudflared_url>/openapi.json"), which means the agent will fetch and consume arbitrary external HTTP content (user-supplied/public URLs) as part of its workflow and could therefore ingest untrusted third‑party data.