mcp-server-orchestrator

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides instructions and a manual testing script that uses subprocess.Popen to execute server commands and pkill to terminate orphaned processes.
  • [EXTERNAL_DOWNLOADS]: The skill utilizes npx -y and uvx to fetch and run MCP server packages. It specifically references official packages within the @modelcontextprotocol scope, which is recognized as a well-known service.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it instructs the agent to analyze application logs and configuration files that may contain data from untrusted external sources.
  • Ingestion points: ~/Library/Logs/Claude/mcp*.log and claude_desktop_config.json.
  • Boundary markers: No explicit delimiters or boundary markers are provided for the agent when reading log files or configuration data.
  • Capability inventory: The skill has the capability to execute system commands via subprocess, manage processes with pkill, and read/write file system data.
  • Sanitization: There is no evidence of sanitization or validation performed on the contents of logs or external configuration files before they are processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 9, 2026, 10:10 PM