smithery

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill instructs the agent to search and fetch content from public MCP servers and the Smithery registry (e.g., smithery mcp search, smithery skill search, smithery mcp add "https://server.smithery.ai/...", and smithery skill review list), which exposes it to untrusted, user-provided skills, server responses, and reviews that the agent will read and act on.