docs-seeker
Warn
Audited by Snyk on Mar 29, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill's workflow and scripts (notably fetch-docs.js and SKILL.md/workflows/topic-search.md and library-search.md) explicitly fetch llms.txt files from context7.com and instruct the agent to read them, with fallback to web search, official sites, GitHub repos and other public pages like Stack Overflow. The agent therefore ingests untrusted, public third-party content that directly drives its subsequent actions and decisions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.70). fetch-docs.js explicitly fetches llms.txt from context7.com at runtime (e.g. https://context7.com/{org}/{repo}/llms.txt and topic-specific variants). The fetched llms.txt content directly controls which URLs and documents are loaded into agent workflows, and therefore what enters the model context and instructions.