context7

SUSPICIOUS: the stated purpose is coherent, and routing queries plus an API key to Context7 is proportionate, but the skill uses an unreviewed local Python wrapper and explicitly tells the agent not to inspect it. No clear malicious exfiltration is shown, yet execution trust is weaker than the official same-org Context7 clients.