mcp-context7
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [No Code] (SAFE): The skill consists entirely of markdown instructions and metadata. It does not include any scripts, binaries, or configuration files that execute logic on the host system.
- [Indirect Prompt Injection] (LOW): The skill fetches content from an external documentation provider (@upstash/context7-mcp), creating a surface for indirect prompt injection if the source documentation were compromised.
- Ingestion points: Documentation snippets retrieved via the
context7MCP server. - Boundary markers: Absent in prompt templates.
- Capability inventory: Limited to documentation retrieval and text output.
- Sanitization: None specified; relies on the agent's internal safety filters.
- [Data Exposure & Exfiltration] (SAFE): While the skill mentions an API key (
CONTEXT7_API_KEY), it correctly identifies this as an input to be requested via the secure MCP input prompt rather than hardcoding it. - [Prompt Injection] (SAFE): The prompt templates provided are benign and focused on technical API lookups without any attempt to bypass system constraints.
Audit Metadata