build-mcp-sdk-server

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's reference examples show server tools fetching and ingesting arbitrary external URLs/URIs (e.g., the api-call example in references/tools.md which does fetch(endpoint) where endpoint is a user-provided URL, and the sampling example in references/sampling.md which fetches a documentUri and passes its content to the LLM), so untrusted third-party content is read and can influence subsequent LLM/tool behavior.