library-docs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly describes connecting to the context7 MCP server and calling mcp__context7__get-library-docs to fetch public library documentation (e.g., React, Next.js, Supabase) which the agent loads and uses to guide implementations, so external third‑party docs can materially influence agent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill invokes the external context7 MCP server (configured as "npx -y @context7/mcp-server") at runtime to fetch documentation that is loaded into the agent's conversation context, so remote content from that server can directly control prompts.