project-setup-info-context7
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [Data Ingestion Surface]: The skill instructs the agent to retrieve and process external library documentation. While this is the intended functionality, it creates a surface for potential indirect prompt injection if the external sources contain malicious instructions.
- Ingestion points: Data enters the agent context through the outputs of the
mcp_context7_resolve-library-idandmcp_context7_get-library-docstools. - Boundary markers: The skill does not define explicit delimiters or 'ignore' instructions for the data retrieved from these tools.
- Capability inventory: The skill itself does not contain subprocess calls, network operations, or file-writing logic; it solely provides instructional context for tool usage.
- Sanitization: There are no specified sanitization or validation steps for the content returned by the external tools. This is a common characteristic of skills that interact with external documentation and is noted here for architectural transparency.
Audit Metadata