context7
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE | DATA_EXFILTRATION | PROMPT_INJECTION
Full Analysis
- [Data Exposure & Exfiltration] (LOW): The script 'scripts/context7.py' performs network requests to 'context7.com'. While this is the intended purpose of the skill, the domain is not included in the trusted whitelist. No attempts to access sensitive local files or hardcoded credentials were detected.
- [Indirect Prompt Injection] (LOW): The skill ingests external documentation from a third-party API, creating a surface for potential indirect prompt injection. Evidence Chain:
  1. Ingestion points: Documentation is fetched via 'urllib.request' in 'scripts/context7.py'.
  2. Boundary markers: The skill does not provide instructions to the agent on how to delimit or isolate the fetched documentation from the system context.
  3. Capability inventory: The skill uses 'Bash' to run Python, which has network access.
  4. Sanitization: The script uses 'urllib.parse.quote' to sanitize user-provided search queries and topics.
Audit Metadata