context7

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow requires calling the Context7 CLI (ctx7 library and ctx7 docs) to fetch up-to-date documentation and code examples from public third-party documentation sources, which the agent reads and uses to guide code generation and decisions (see "Workflow" / "Step 1" and "Step 2").

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill requires running "npx ctx7@latest" (which fetches and executes the ctx7 package from the npm registry at runtime), so remote code is downloaded and executed and its output directly controls the agent's documentation/response behavior.