context7-auto-research
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS] (HIGH): The installation instructions utilize
npx skills addpointing to an untrusted GitHub repository (BenedictKing/context7-auto-research). This source is not within the [TRUST-SCOPE-RULE] whitelist and allows for the execution of unverified code on the host machine. - [Indirect Prompt Injection] (MEDIUM):
- Ingestion points: External library/framework documentation fetched via the Context7 API (SKILL.md).
- Boundary markers: None identified in the provided documentation or metadata to isolate fetched content.
- Capability inventory: The skill likely performs network requests to fetch data which then influences the agent's reasoning/context.
- Sanitization: No sanitization or verification of the external API content is mentioned. Malicious documentation content could lead to the agent providing unsafe code or deviating from system instructions.
Recommendations
- AI detected serious security threats
Audit Metadata