context7-cli
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the ctx7 CLI via NPM (npm install -g ctx7@latest) and enables the downloading of additional skills from GitHub repositories (e.g., /owner/repo). These are core functionalities for the tool's purpose as a documentation and skill manager.
- [COMMAND_EXECUTION]: The skill's operation is primarily based on executing ctx7 CLI commands to fetch data, search registries, and perform configuration tasks such as ctx7 setup and ctx7 login.
- [DATA_EXFILTRATION]: While the skill communicates with the Context7 API, it includes specific warnings for the agent to avoid including sensitive data like API keys, credentials, or proprietary code in documentation search queries.
- [PROMPT_INJECTION]: The skill enables the ingestion of external documentation and third-party skills. This presents a surface for indirect prompt injection, a known characteristic of tools that ingest external content to influence agent behavior. This surface is mitigated by explicit usage warnings.
- [REMOTE_CODE_EXECUTION]: The ctx7 skills install command downloads markdown files containing instructions from remote repositories and installs them into agent-monitored directories. While these are instructions rather than binary code, they are designed to be followed by the agent, representing the intended purpose of the system.
Audit Metadata