manage-mcp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill includes resource/tool examples that fetch and return external web content for the agent to read (e.g., references/resources.md "API Resource" uses $fetch('https://api.example.com/users') and references/tools.md "Weather API Integration" calls https://api.weather.com), which exposes the MCP agent to untrusted third‑party content that it will ingest and interpret.