moai-context7-lang-integration
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill's primary function involves fetching external documentation which presents a surface for indirect prompt injection attacks.
- Ingestion points: Documentation content retrieved at runtime from external library repositories via the
mcp__context7__get-library-docstool. - Boundary markers: The provided implementation patterns and code examples lack explicit delimiters (e.g., XML tags or triple backticks with warnings) to isolate the external documentation content or instruct the agent to ignore any instructions embedded within it.
- Capability inventory: Based on the integration examples, the agent is expected to have file system access (read, write, and delete permissions for the
.moai/cache/context7/directory) and the ability to execute MCP tools. - Sanitization: The patterns do not include any logic for validating, filtering, or sanitizing the retrieved documentation before it is incorporated into the agent's context.
Audit Metadata