framework-docs-researcher

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The workflow explicitly requires fetching documentation from Context7 and, if needed, falling back to web search and GitHub ("Search GitHub for real-world usage... Start with Context7... If Context7 is unavailable or incomplete, use web search as fallback"), which causes the agent to ingest and act on untrusted public web content (docs, issues, PRs) that could contain adversarial instructions.