docs-seeker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's fetch-docs.js automatically constructs and retrieves public context7.com URLs (and references GitHub/repository analysis) and the Quick Start explicitly instructs the agent to "Read URLs with WebFetch," meaning the agent will fetch and interpret untrusted, public third‑party content as part of its workflow.