Skills
skills/glwlg/x-bot/context7/Gen Agent Trust Hub

context7

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses curl and jq to interact with the Context7 API as documented in SKILL.md and README.md. These commands are standard for the skill's documentation-fetching purpose.\n- [EXTERNAL_DOWNLOADS]: Documentation data is retrieved from the external domain https://context7.com. This is the core functionality of the skill.\n- [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection (Category 8) as it integrates external content into the agent's context.\n
  • Ingestion points: Data is fetched from https://context7.com/api/v2/context (SKILL.md).\n
  • Boundary markers: No delimiters or safety instructions are provided to the agent for handling the external content.\n
  • Capability inventory: The skill uses curl and jq for data retrieval and processing (SKILL.md).\n
  • Sanitization: There is no evidence of content sanitization before the external documentation is presented to the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 12:54 PM