smithery

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to discover and connect to arbitrary public MCP servers and the Smithery registry (e.g., smithery mcp search / smithery mcp add "https://..."), to call tools (smithery tool call) and to read skill reviews and search results (smithery skill search / skill review list), which are untrusted, user-provided third‑party content the agent will fetch and interpret.