mcp-inspector

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow explicitly runs commands that fetch and interpret remote server data (e.g., "server probe --url ", "oauth metadata"/"oauth debug-proxy", "tools list", "prompts list/get") and thus ingests untrusted public OAuth discovery URLs, tool/resource/prompt listings and web metadata from arbitrary targets that can materially influence follow-up actions.