playdotfun

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's MCP tools explicitly allow the agent to call public Play.fun APIs (e.g., list_games, get_game, get_game_leaderboard in mcp/quickstart) and to reference user-hosted URLs (GitHub Pages deploys), so the agent will fetch and read untrusted, user-generated content (games, leaderboards, public game URLs) from third‑party sources as part of its workflow.