context7-mcp-skill
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill connects to an external service endpoint at mcp.context7.com to fetch tool definitions and library documentation content.
- [COMMAND_EXECUTION]: The workflow involves shell command execution, specifically using the 'uxc' utility to link 'context7-mcp-cli' and execute it for resolve-library-id and query-docs operations.
- [DATA_EXFILTRATION]: User-provided documentation queries and library identifiers are sent to the external Context7 API (mcp.context7.com) to perform searches.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to the processing of external documentation data. 1. Ingestion points: Results from 'query-docs' in SKILL.md. 2. Boundary markers: Absent; data is treated as plain text. 3. Capability inventory: Execution of linked shell commands via the uxc framework. 4. Sanitization: No sanitization of external content is performed before presentation to the agent.
Audit Metadata