build-mcp-server

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow and reference docs explicitly describe exposing and returning external data (e.g., tool handlers calling upstreamApi in references/remote-http-scaffold.md and resource/resource_link URIs that the client may fetch in references/resources-and-prompts.md), meaning the agent will read/interpret content from upstream APIs or arbitrary resource URIs that could be untrusted and thus influence next actions.