mcp-server-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The "Complete Example: GitHub MCP Server" (src/index.ts) uses Octokit to fetch GitHub issues (public, user-generated content) and returns that content to the agent as tool output, meaning the agent will read and interpret untrusted third‑party data that could carry indirect prompt injections.