context7

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW (EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • EXTERNAL_DOWNLOADS (LOW): The skill performs network requests to 'context7.com', which is a non-whitelisted domain. Evidence found in SKILL.md curl examples.
  • PROMPT_INJECTION (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) because it ingests untrusted library documentation from an external API.
      1. Ingestion points: Documentation content from context7.com API responses.
      2. Boundary markers: None specified to separate documentation content from instructions.
      3. Capability inventory: Limited to responding to user queries (no side effects like file writing or code execution).
      4. Sanitization: No sanitization of the retrieved documentation is mentioned.
Audit Metadata
  • Risk Level: LOW
  • Analyzed: Feb 16, 2026, 01:49 AM