context7

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill fetches live, third-party library documentation from the public Context7 REST API (https://context7.com/api/v2) and the SKILL.md and scripts explicitly instruct the agent to read and apply those returned docs to drive answers and code generation, so untrusted content could materially influence behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill makes runtime requests to the Context7 API (e.g., https://context7.com/api/v2, such as /search and /docs endpoints) and uses the fetched documentation text to drive responses, so external content from that URL directly influences agent prompts and is a required runtime dependency.