context7

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches external documentation from the public Context7 API (GET https://context7.com/api/v2/context) which returns third‑party source content (e.g., context7.com and github.com pages) that the agent is instructed to read and use to drive coding/implementation decisions, so untrusted external content can influence next actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill performs runtime fetches from https://context7.com/api/v2/context to retrieve markdown documentation that is injected as contextual prompt material for the agent (thus externally controlling the agent's instructions) and the service is a required dependency.