php-project-guide

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md "Documentation Lookup" section explicitly directs the agent to use the Context7 MCP (resolve-library-id then query-docs) and external sites (e.g., php.net, JetBrains help, GitHub/Packagist) to fetch up-to-date third‑party documentation and examples, which the agent is expected to read and could materially influence its actions.