biomni

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). Biomni's MCP server integration (see the .biomni/mcp_config.json example and the MCP "web-search" entry in the API docs) allows the A1 agent to call external web-search servers and arbitrary MCP tools to fetch and ingest open/public web pages and APIs, which the agent will read and interpret as part of its workflow—exposing it to untrusted third‑party content.