claude-agent-sdk

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill clearly ingests untrusted third‑party content: SKILL.md and references/mcp-servers-guide.md list built-in WebSearch/WebFetch and external MCP server configs (HTTP/SSE) and templates/custom-mcp-server.ts and other templates demonstrate fetch calls and remote mcpServers (e.g., https://api.example.com/mcp, api.weather.com), which the agent reads and uses to drive decisions and tool use.