context7
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The instructions provide legitimate operational guidance for the agent and do not contain bypass or override patterns.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials or sensitive file paths were found. The skill explicitly instructs the agent not to include sensitive information in queries.
- [Remote Code Execution] (SAFE): No remote code execution patterns, script downloads, or package installations are present.
- [Indirect Prompt Injection] (LOW): The skill is susceptible to indirect prompt injection as it ingests untrusted data from an external API.
- Ingestion points: Data enters the agent context via the output of
context7_query-docs. - Boundary markers: No specific boundary markers or 'ignore' instructions are defined for the retrieved documentation.
- Capability inventory: This skill does not contain internal script execution or network write capabilities, limiting the potential impact of an injection.
- Sanitization: No sanitization or validation of the external documentation content is performed.
Audit Metadata