mcporter

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). mcporter allows ad-hoc connections to arbitrary MCP servers (e.g., --http-url https://..., and --stdio "npx -y some-mcp-server@latest") and discovers/lists tool schemas and call outputs (including web-scraping servers like "firecrawl"), so the agent will fetch and ingest untrusted third‑party content and execute/interpret its responses.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill explicitly performs runtime connections to remote MCP endpoints (e.g., https://mcp.example.com/mcp and the placeholder https://mcp-server-url) and also supports launching MCP servers via runtime npx (e.g., "npx -y some-mcp-server@latest"), both of which fetch and execute remote code or provide remote tool instructions that can directly control agent behavior.