create-docs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly describes an MCP Server that "automatically exposes documents for the AI assistant" with endpoints like list-pages/get-page (and the config references using NUXT_GITHUB_TOKEN and GitHub integration to fetch docs), meaning the agent will fetch and read repository- or web-hosted documentation (potentially public/user-contributed) which can directly influence its actions.