brightdata-web-mcp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill provides tools like search_engine, scrape_as_markdown, scraping_browser_navigate and numerous web_data_* extractors (e.g., web_data_reddit_posts, web_data_instagram_posts, web_data_x_posts) that fetch and return content from public websites and social media for the agent to read and process, exposing it to untrusted third-party/user-generated content.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill uses Bright Data's remote MCP endpoints (e.g. https://mcp.brightdata.com/sse?token=YOUR_API_TOKEN and https://mcp.brightdata.com/mcp?token=YOUR_API_TOKEN) at runtime to provide tool definitions and to execute remote scraping/browser-automation operations, meaning fetched content/control from those URLs can directly drive agent actions and execute code on the remote service.