mcp-patterns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's registry-discovery rule (rules/registry-discovery.md) explicitly instructs the agent to fetch and parse public registry APIs and community directories (e.g., https://registry.modelcontextprotocol.io, mcp.run, smithery) to discover and vet third-party MCP servers—untrusted, user-supplied data that the agent is expected to interpret and that can influence installation and tool-invocation decisions.