langgraph-agents

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly loads and uses third‑party web content and MCP servers (e.g., built-in web_search / tavily_search in tools, the "web_search" built-in tool, and MultiServerMCPClient HTTP servers such as the Brave/web-search and GitHub examples in reference/mcp-integration.md and deep_agents.md), which are untrusted public sources whose results are ingested and fed into agent prompts/routing logic and can therefore materially influence agent decisions and tool use.