context7-docs-lookup
Warn
Audited by Snyk on Mar 5, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to call Context7's resolve-library-id and query-docs to fetch public library documentation (external third-party docs) and then "incorporate the fetched documentation into your response," so the agent will read and act on untrusted public web content (SKILL.md "How to Fetch Documentation" Steps 1–4).
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.80). The skill makes runtime calls to Context7 (resolve-library-id and query-docs) to fetch documentation and inject it into responses—e.g., using libraryId "/vercel/next.js"—so externally fetched content directly controls agent prompts.