context7

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's scripts (scripts/context7.py) call the external Context7 API at https://context7.com/api/v2 (endpoints /libs/search and /context) to fetch library documentation and context, meaning the agent ingests third-party/public documentation content that could contain untrusted or user-generated text and thus enable indirect prompt injection.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill makes runtime requests to https://context7.com/api/v2 (e.g., /libs/search and /context) and uses the fetched documentation to feed/drive the agent's responses, so external content can directly control prompts and is a required dependency.