context7-mcp
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): No malicious patterns, prompt injections, or obfuscation were detected. The skill is purely instructional and utilizes the Model Context Protocol (MCP) for defined tool interactions.
- Indirect Prompt Injection (SAFE): The skill possesses a standard ingestion surface for indirect prompt injection common to documentation tools.
- Ingestion points: Documentation content retrieved from external libraries via the
query-docstool (SKILL.md). - Boundary markers: Absent; the instructions do not specify delimiters for the external content.
- Capability inventory: Interaction is limited to specific MCP tools (
resolve-library-id,query-docs) and listed fallback tools (tavily-mcp,WebFetch). - Sanitization: Not specified; the agent relies on the MCP server and its own processing to handle the returned documentation text.
Audit Metadata