Context7 MCP

The skill is designed to query the Context7 API for documentation, which aligns with its stated purpose. The `query.ts` script reads an API key from environment variables or a local `.env` file and uses it to authenticate requests to `https://context7.com` endpoints. There is no evidence of data exfiltration to unauthorized destinations, malicious code execution, persistence mechanisms, or prompt injection attempts in `SKILL.md`. While the `package-lock.json` reveals dependencies like `cross-spawn` and web server frameworks (`express`, `hono`) within the `mcp-client` SDK, these are not directly utilized in a harmful way by the provided `query.ts` script, nor are there instructions for the agent to misuse them. The overall behavior is consistent with a legitimate API client.