docs
Warn
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the 'ctx7' package from the NPM registry using 'npm install -g ctx7@latest'. This package is not associated with the known trusted vendors or the author's specified naming conventions.
- [REMOTE_CODE_EXECUTION]: The skill utilizes 'npx ctx7@latest' to execute code directly from a remote repository, which is a high-risk pattern for executing unverified scripts.
- [COMMAND_EXECUTION]: Multiple shell commands are executed to interact with the documentation service, including 'ctx7 library', 'ctx7 docs', and 'ctx7 login'.
- [CREDENTIALS_UNSAFE]: The skill manages authentication through 'ctx7 login' and instructions to 'export CONTEXT7_API_KEY', which involves handling sensitive credentials within the agent's environment.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data returned from external documentation queries, creating a surface for indirect prompt injection.
- Ingestion points: Output from 'ctx7 library' and 'ctx7 docs' commands (SKILL.md).
- Boundary markers: Absent; the agent is instructed to use the results directly without delimiters.
- Capability inventory: Shell command execution (ctx7 CLI).
- Sanitization: Absent; the skill does not specify any validation or escaping for the retrieved documentation content.
Audit Metadata