add-component

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md workflow explicitly instructs the agent to call searchRecipes/getRecipe against the ShipSwift recipe server (https://api.shipswift.app/mcp) to fetch full recipe code and integration steps, so the agent will ingest and act on external third‑party recipe content that can influence its actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill calls the ShipSwift MCP endpoint (https://api.shipswift.app/mcp) at runtime via listRecipes/getRecipe to fetch full recipe content (source and instructions) which is injected into the agent context and directly controls what the agent does, and the skill depends on those fetched recipes.