context7

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill calls the Context7 REST API to search and fetch live public library documentation (e.g., IDs like /facebook/react, /vercel/next.js and results from context7.com), and the agent is expected to read and use that third‑party content to answer user questions, exposing it to untrusted external input.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill uses the Context7 REST API (domain: https://context7.com — e.g. https://context7.com/dashboard) at runtime to fetch library documentation which is injected into the agent's responses and therefore directly influences prompts and is a required runtime dependency.