mcp-builder

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
Flags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION] (MEDIUM): The file scripts/connections.py implements an MCP client that uses the stdio_client transport to spawn local subprocesses. The MCPConnectionStdio class allows for the execution of arbitrary commands and arguments. While this is the intended mechanism for local MCP server integration, it provides a high-privilege capability that could be exploited to run malicious code if the agent is directed to build or test a compromised server configuration.
  • [EXTERNAL_DOWNLOADS] (LOW): The SKILL.md instructions guide the agent to fetch README and specification files from modelcontextprotocol.io and raw.githubusercontent.com/modelcontextprotocol/. These are authoritative sources for the protocol, and the downloads are limited to markdown documentation, posing a low risk.
  • [SAFE] (SAFE): The reference/mcp_best_practices.md file proactively includes security recommendations, such as input sanitization to prevent directory traversal and command injection, as well as guidance on secure authentication (OAuth 2.1).
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:31 PM