documentation-lookup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). SKILL.md's "How to Fetch Documentation" (Step 3: call query-docs with libraryId like "/vercel/next.js") explicitly instructs the agent to fetch and incorporate current documentation from Context7/public library docs, meaning external third-party documentation is ingested and can materially influence responses and actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill makes runtime calls to Context7 (e.g., query-docs with libraryId "/vercel/next.js") to fetch documentation and inject it into the agent's responses, so external content directly controls prompts and is a required dependency.