analyze-and-recommend-third-party-optimizations
Warn
Audited by Snyk on Feb 16, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly requires querying external documentation via the Context7 MCP (see .mcp.json and multiple "Context7 verification" references in SKILL.md) and includes a scaffold workflow that sparse-clones and inspects public GitHub design-system repositories (references/design-system-sources.md), meaning the agent will fetch and read untrusted, user-generated third-party content as part of its analysis.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill requires the Context7 MCP at runtime (SKILL.md and .mcp.json) — it runs "npx -y @context7/mcp-server" and queries Context7 (https://context7.com) to fetch documentation used to verify recommendations, meaning remote content is fetched/executed at runtime and can directly influence agent prompts or behavior.
Audit Metadata