build-mcp-use-server

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's examples clearly fetch and ingest public third‑party content (e.g., Recipe 3 "API Wrapper Server" defines ghFetch which calls https://api.github.com to retrieve repositories/issues and parse user-generated data, and server.proxy examples point at remote URLs like https://manufact.com/docs/mcp), and those results are read/returned by tool handlers so external content can influence tool outputs and subsequent agent behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill calls server.proxy with runtime npx commands that fetch and execute npm packages (e.g. "npx -y @modelcontextprotocol/server-github" and "npx -y @modelcontextprotocol/server-filesystem"), which downloads and runs remote code at runtime (example package URL: https://www.npmjs.com/package/@modelcontextprotocol/server-github), creating a required runtime dependency that executes remote code.