context7
Warn
Audited by Snyk on Jul 2, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (medium risk: 0.65). At runtime the skill calls
resolve-library-id/query-docsto fetch “up-to-date library and framework documentation,” which typically involves retrieving public web/package documentation text not authored by the operating user and then incorporating it into the agent’s LLM context.
Issues (1)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
Audit Metadata