A
100/100 First Seen
Feb 18, 2026
Last Scanned
Feb 22, 2026
Findings
1
Score
100/100
LOW 1
Findings (1)
LOW
External API response drives agent behavior
L820 Detects skills where external API responses control agent decisions or actions
call framework if service + based on data FIX
Do not include content from MCP tool responses verbatim in system prompts or tool descriptions. Sanitize all dynamic content before incorporating it into prompt context.
FP?
Likely FP if the match is a static tool description that mentions dynamic content handling in its documentation, not an actual injection vector.