context7

SUSPICIOUS: The core purpose and direct REST data flow are coherent for a documentation lookup skill, and there is no clear credential harvesting or exfiltration behavior. However, the skill contains publisher/source inconsistencies, outdated API endpoints, and an MCP install command that does not match official Context7 documentation, making the optional install path untrustworthy and the documentation itself unreliable.