context7-docs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). At runtime the skill calls the Context7 query-docs tool, which fetches and returns documentation/code snippets from Context7’s public/third-party knowledge base (outsider-authored web content) and injects that readable text into the agent’s LLM context.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill uses the resolve-library-id and query-docs tools at runtime to fetch documentation and code examples from https://context7.com, and those fetched documents are injected into the agent's context and used to form instructions/answers, so the external URL directly controls prompts at runtime.