developing-with-python
Warn
Audited by Snyk on Mar 6, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill's README and REFERENCE.md explicitly document a "Context7 Integration" workflow (README.md "Context7 Integration" and examples showing mcp__context7__query_docs). The docs also include numerous code patterns (e.g., fetch_data(url) in REFERENCE.md §4 and SKILL.md async examples using httpx.AsyncClient.get). Together these instruct or expect the agent to fetch and interpret content from arbitrary external/public URLs, which could materially influence its subsequent actions.