c7
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- Indirect Prompt Injection (LOW): This skill is vulnerable to indirect prompt injection as it retrieves external documentation that is then processed by the agent.
- Ingestion points: Text output from the
c7 contextcommand inSKILL.md. - Boundary markers: None identified; the skill lacks instructions to isolate or ignore instructions contained within the fetched documentation.
- Capability inventory: The skill utilizes the
Bashtool to execute commands. - Sanitization: No evidence of output filtering or content validation for the retrieved documentation.
- Command Execution (SAFE): The skill specifies the use of a local binary located at
~/.local/bin/c7, which is consistent with its intended purpose for library documentation research.
Audit Metadata