context7
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE PROMPT_INJECTION DATA_EXFILTRATION
Full Analysis
- PROMPT_INJECTION (LOW): Potential for Indirect Prompt Injection. The skill fetches documentation and code examples from an external API, which are then processed by the agent. If the external documentation is manipulated, it could influence agent behavior.
  - Ingestion points: scripts/context7.py retrieves content from https://context7.com/api/v2.
  - Boundary markers: Absent; the script prints raw or JSON-formatted documentation directly to standard output.
  - Capability inventory: Agents utilizing this skill often have broad capabilities including code execution and file system access.
  - Sanitization: No sanitization or filtering is applied to the retrieved content before it enters the agent context.
- DATA_EXFILTRATION (LOW): The skill performs network requests to context7.com. While this is the intended purpose of the tool, the domain is not on the pre-approved whitelist for automated agents.
Audit Metadata