MCP Integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly connects to external MCP servers using SSE/HTTP/WS and stdio with arbitrary URLs and tokens (e.g., "url": "https://api.example.com/mcp", SSE examples, and stdio servers) and its agents are described as querying and analyzing those MCP-provided results (Pattern 2), so it will ingest and interpret untrusted third-party content from public services.