building-mcp-servers

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to fetch and read open web resources (e.g., "1.3 Fetch the latest MCP protocol documentation: Use WebFetch to load: https://modelcontextprotocol.io/llms-full.txt" and 1.4 which directs loading raw GitHub README URLs), so the agent will ingest untrusted, public third-party content that can materially influence tool design and subsequent actions.