build-mcp-use-apps

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's docs and workflows explicitly instruct the runtime to fetch external, public content — e.g., Quickstart.md allows scaffolding from arbitrary GitHub repositories via "npx create-mcp-use-app ... --template owner/repo", references/server/proxy.md shows proxying remote servers by URL, and references/authentication/custom.md fetches JWKS from external URLs — all of which cause the agent to ingest third‑party public content that can influence behavior.