context7
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it fetches and processes external documentation content.\n
- Ingestion points: Data is retrieved from the Context7 REST API via
scripts/context7.py.\n - Boundary markers: The script output includes simple delimiters but lacks formal delimiters with instructions to ignore embedded prompts.\n
- Capability inventory: The skill is configured to use
Bashto execute its helper script.\n - Sanitization: Content returned by the documentation API is printed without filtering.\n- [DATA_EXFILTRATION]: The skill performs expected network communication with
context7.comto fetch library information. This behavior is documented and necessary for the skill's function.\n- [COMMAND_EXECUTION]: The skill executes a local Python script using only standard library modules and properly encodes user-supplied input to prevent injection in the API requests.
Audit Metadata