teams-anthropic-integration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). Path B (SKILL.md and assets/path-b-mcp.ts) explicitly integrates You.com MCP at https://api.you.com/mcp to perform live web search and content extraction, returning arbitrary public web pages (untrusted, user-generated content) into the Claude prompt workflow where it can influence tool use and behavior, creating a clear indirect prompt-injection risk.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly configures a runtime plugin to call the You.com MCP endpoint at https://api.you.com/mcp (via .usePlugin(...) with a YDC_API_KEY), which fetches third‑party web content that is injected into the model/context and therefore can directly influence prompts (indirect prompt injection) and is a required dependency when using Path B.