lang-typescript

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's Context7 Integration explicitly calls mcp__context7__get_library_docs with public repo paths (e.g., "/microsoft/TypeScript", "/solidjs/solid", "/tanstack/start"), which indicates the agent will fetch and consume external library/docs content from public third-party sources as part of its workflow, exposing it to untrusted user-provided content.