find-docs
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads and installs the
ctx7package from the NPM registry usingnpm install -g ctx7@latestor runs it vianpx ctx7@latest. These are external dependencies required for the skill's primary functionality. - [COMMAND_EXECUTION]: The skill executes shell commands to interact with the documentation tool, including
ctx7 library,ctx7 docs, andctx7 login. It also suggests setting environment variables viaexport CONTEXT7_API_KEY. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from external documentation sources.
- Ingestion points: Content retrieved from the
ctx7 docscommand is injected directly into the agent's context (SKILL.md). - Boundary markers: Absent. There are no delimiters or instructions provided to the agent to distinguish between its primary instructions and the data fetched from the tool.
- Capability inventory: The skill has the ability to execute shell commands, install packages, and modify environment variables.
- Sanitization: Absent. The skill does not specify any sanitization or validation of the documentation content before the agent processes it.
Audit Metadata