context7-tools
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection because it fetches and processes external documentation from context7.com.\n
- Ingestion points: Data enters via
httpxrequests inscripts/context7.py.\n - Boundary markers: Absent; the tool returns raw documentation content to the agent.\n
- Capability inventory: No unsafe operations (e.g.,
eval,subprocess) are performed on the ingested data within the script.\n - Sanitization: None; external content is passed back as-is.\n- [EXTERNAL_DOWNLOADS] (SAFE): Network requests are restricted to the primary service domain
context7.comas required for the tool's functionality.\n- [CREDENTIALS_UNSAFE] (SAFE): The script retrieves the API key from the environment variableCONTEXT7_API_KEYrather than using hardcoded secrets.
Audit Metadata