python-mcp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md Lifespan example defines an mcp.tool called fetch_url that uses an HTTP client to GET arbitrary URLs and returns response.text, which clearly ingests untrusted third-party web content into the agent's workflow and could influence subsequent actions.