find-docs
Warn
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the 'ctx7' CLI tool from the public NPM registry using
npm install -g ctx7@latestornpx ctx7@latest. This introduces a third-party dependency that is executed in the user's environment. - [REMOTE_CODE_EXECUTION]: By instructing the agent to use
npx ctx7@latest, the skill executes code downloaded directly from a remote source at runtime without prior integrity verification. - [COMMAND_EXECUTION]: The skill is highly susceptible to command injection. It instructs the agent to construct shell commands by directly interpolating user-provided inputs (library names and queries) as seen in
ctx7 library <name> <query>. A malicious user could provide inputs containing shell metacharacters (e.g.,;,|,&&, or backticks) to execute arbitrary commands on the system. - [DATA_EXFILTRATION]: User-provided documentation queries are sent to an external service. While the skill warns users not to include sensitive data, the workflow inherently transmits context-rich queries to a third-party API.
Audit Metadata