mcp-code-execution-template

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's code explicitly fetches external data via servers/mcp-client.ts and servers/example-server/fetchData.ts (and the workspace/example-task.ts example mentions Google Drive/Salesforce), which ingest untrusted third-party data over HTTP and use that data in execution logic (filter/process/write) that materially affects subsequent actions and tool usage.