fastmcp-client-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.95). The skill's SKILL.md explicitly shows listing and calling arbitrary HTTP/HTTPS MCP server targets (e.g., "fastmcp list http://localhost:8000/mcp") and includes options to fetch "resources" and "prompts", meaning the agent will ingest untrusted third-party server-provided content as part of its discover/list/call workflow which can materially influence subsequent tool use.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's stdio command examples ("npx -y @modelcontextprotocol/server-github" and "npx -y @mcp/server") run npx at runtime which fetches and executes remote npm package code, allowing external code execution that can control agent behavior.