Skills
skills/jstarfilms/vibecode-protocol-suite/context7/Gen Agent Trust Hub

context7

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
  • [Data Exposure & Exfiltration] (LOW): The skill performs network requests via curl to https://context7.com, which is not a whitelisted domain. It transmits user-provided search terms and library names to this external service.
  • [Indirect Prompt Injection] (LOW): The skill ingests untrusted text data from an external API, creating a surface for potential instruction injection if the source documentation is compromised.
  • Ingestion points: Documentation snippets fetched via the /api/v2/context endpoint.
  • Boundary markers: Absent; the agent is not instructed to treat the fetched content as potentially untrusted data.
  • Capability inventory: Uses curl for network requests and jq for JSON processing.
  • Sanitization: None; the raw text or JSON results are passed back to the agent for processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:24 PM