context7
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands using `bunx` to interact with the Context7 CLI (e.g., `bunx ctx7 library` and `bunx ctx7 docs`). This is the intended core functionality of the skill for searching and fetching documentation.
- [EXTERNAL_DOWNLOADS]: The skill uses `bunx` to dynamically download and execute the `ctx7` package from the npm registry. This is a standard method for utilizing Node.js-based utilities without permanent installation.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes content from an external source (the Context7 documentation service).
  • Ingestion points: Untrusted data enters the agent context through the output of the `bunx ctx7 docs` command.
  • Boundary markers: No explicit markers or instructions are provided to the agent to treat the fetched documentation as data rather than instructions.
  • Capability inventory: The skill facilitates command execution via `bunx` across its scripts.
  • Sanitization: There is no evidence of content filtering or sanitization of the retrieved documentation before it is processed by the agent.
Audit Metadata