aspire

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The "Documentation Resources" section instructs using Context7 (mcp__context7__resolve-library-id and mcp__context7__query-docs) to fetch website documentation (IDs starting with /websites/), which would cause the agent to ingest public third-party web content that could contain untrusted, user-provided text.