use-ctx7
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions direct the agent to execute the
ctx7CLI tool to perform library identification and documentation retrieval tasks. - [PROMPT_INJECTION]: Detected an indirect prompt injection surface where user-supplied strings are interpolated into CLI command arguments.
- Ingestion points: User-provided library names and descriptive documentation questions in SKILL.md.
- Boundary markers: Documentation queries are enclosed in double quotes within the CLI command templates.
- Capability inventory: Execution of shell commands via the
ctx7utility as specified in the skill instructions. - Sanitization: No explicit validation or filtering of input strings is performed before they are passed to the CLI.
Audit Metadata