context7-auto-research
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill documentation identifies a potential surface for indirect prompt injection. 1. Ingestion points: Data is fetched via the Context7 API (SKILL.md). 2. Boundary markers: No delimiters or warnings for the agent to ignore embedded instructions are specified. 3. Capability inventory: While no code is provided, the skill is intended to supply documentation content to the agent context. 4. Sanitization: No sanitization or validation of the fetched content is described.
- [EXTERNAL_DOWNLOADS]: The skill identifies external dependencies including the 'Context7 API' for data retrieval and a non-trusted GitHub repository 'BenedictKing/context7-auto-research' for installation.
- [NO_CODE]: The provided SKILL.md file contains only documentation and no executable scripts or code blocks for direct analysis.
Audit Metadata