fastmcp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's API wrapper template (templates/api_wrapper.py) and the SKILL.md guidance to add resources and @mcp.prompt show the server will fetch and return content from arbitrary upstream HTTP APIs (API_BASE_URL via httpx) and expose prompt/resources, meaning untrusted third-party responses can be ingested and used as LLM instructions at runtime.