frontend-docs-context7

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md Required Flow explicitly instructs the agent to call mcp_io_github_ups_get-library-docs (via Context7/GitHub UPS) and "answer based on fetched docs", which means it fetches and interprets public third-party documentation pages that can influence the agent's actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly fetches up-to-date documentation at runtime via the Context7 calls (e.g., mcp_io_github_ups_get-library-docs which pulls docs from GitHub/raw content such as https://raw.githubusercontent.com/) and injects those fetched docs into the agent’s context to drive its replies, so external content directly controls prompts.