context7
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [Data Exposure & Exfiltration] (LOW): The skill performs network requests to context7.com via curl. This domain is not included in the list of trusted external sources, posing a risk of metadata exposure through query parameters.
- [Indirect Prompt Injection] (MEDIUM): The skill ingests external documentation which is untrusted content. This content could be crafted to include malicious instructions that subvert the agent's logic during subsequent processing.
  - Ingestion points: API search and context retrieval endpoints in SKILL.md.
  - Boundary markers: Absent.
  - Capability inventory: curl, jq.
  - Sanitization: None.
Audit Metadata