nextjs-devtools

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's mcp-client (scripts/mcp-client.py) connects to arbitrary MCP servers via --url (HTTPTransport posts to the supplied HTTP URL) or by running an arbitrary stdio command (--stdio) and directly consumes tool lists, schemas, prompts and tool outputs from those servers, which are untrusted third-party content that could carry indirect prompt injection.