Skills
skills/marcioaltoe/skills/context7/Gen Agent Trust Hub

context7

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install the ctx7 package globally from the NPM registry using npm install -g ctx7@latest. While NPM is a standard registry, the package is an external third-party dependency.\n- [REMOTE_CODE_EXECUTION]: The skill utilizes npx ctx7@latest to dynamically download and execute code from the NPM registry at runtime.\n- [COMMAND_EXECUTION]: The skill performs shell command execution to interact with the Context7 service using CLI commands like ctx7 library and ctx7 docs.\n- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection (Category 8) because it interpolates user-controlled data into shell command arguments for documentation queries.
  • Ingestion points: User input is used for the <name>, <libraryId>, and <query> arguments.
  • Boundary markers: Examples use double quotes around queries, but the skill lacks technical instructions for escaping shell-sensitive characters.
  • Capability inventory: The skill executes shell commands via npm, npx, and the ctx7 CLI.
  • Sanitization: No technical sanitization is implemented; the skill relies on high-level prompt instructions to avoid sensitive data in queries.
Audit Metadata
Risk Level
SAFE
Analyzed
May 17, 2026, 02:07 AM
Security Audit — agent-trust-hub — context7