context7
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill uses the Bun runtime to execute a local TypeScript script (context7.ts). This is the intended mechanism for the skill's functionality and points to a specific configuration path.
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection risk. The skill retrieves documentation and code snippets from an external service. If the retrieved documentation contains malicious instructions, the agent processing the output could be influenced. Evidence Chain:
  1. Ingestion point: Output of get-library-docs command.
  2. Boundary markers: Absent in the provided skill definition.
  3. Capability inventory: Command execution via Bun.
  4. Sanitization: None mentioned for the external content.
Audit Metadata