context7

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's SKILL.md instructs the agent to run the Context7 CLI (e.g., bunx ctx7 library and bunx ctx7 docs /facebook/react ...) to fetch live documentation from public third-party sources (like /facebook/react, /vercel/next.js, FastAPI docs), which the agent is required to read and use to answer questions—exposing it to untrusted external content that could carry malicious or instructional payloads.