docs-seeker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and processes open/public third‑party content (e.g., llms.txt from context7.com and other docs via WebFetch/Explorer in SKILL.md Phase 1–2, clones GitHub repositories with Repomix in Phase 3, and uses Researcher agents to read community sources like Stack Overflow/Reddit in WORKFLOWS.md), so untrusted user‑generated webpages are ingested and can materially influence subsequent tool actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly fetches llms.txt from context7.com at runtime (e.g., https://context7.com/{org}/{repo}/llms.txt) and uses the retrieved content to determine which Explorer/Researcher agents to launch and what URLs/instructions they should process, so the external context7.com content directly controls agent behavior.