mcp-server-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill includes handlers that fetch and return open web content—for example, the GitHub MCP Server example uses Octokit to list repository issues (src/index.ts, the "list_issues" tool) and the get_weather handler fetches from https://api.weather.com, both of which deliver public/user-generated third‑party content that the agent consumes and interprets.