project-starter

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow mandates using Context7 (see references/context7-integration.md and FASE 3/4 in SKILL.md) via context7_resolve-library-id and context7_query-docs to fetch third-party library documentation and use those results to recommend tools and drive bootstrap/decision actions, so external content is ingested and can materially influence the agent's recommendations and actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill mandatorily calls Context7 MCP at runtime (via context7_resolve-library-id and context7_query-docs) to fetch external documentation that is injected into the agent's recommendations/prompts, so these external Context7 endpoints are runtime dependencies that directly control agent output.