kw-find-docs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to run ctx7 library and ctx7 docs to retrieve up-to-date documentation and code examples from Context7 (public third-party documentation and examples), which the agent must read and use to form answers, so untrusted external content can influence decisions and tool use.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill requires running the external CLI via "npx ctx7@latest" / "npm install -g ctx7@latest", which fetches and executes remote code from the npm registry and retrieves documentation that is injected into agent prompts and therefore can directly control the agent's instructions.