mcp-sequential-thinking
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (LOW): The skill utilizes prompt templates that interpolate external data (feature descriptions and log pastes) into the agent's context, which could theoretically contain malicious instructions.
- Ingestion points: The
<feature>and<paste>placeholders inSKILL.mdprompt templates. - Boundary markers: Absent; inputs are not wrapped in delimiters to isolate them from instructions.
- Capability inventory: The skill is restricted to reasoning and planning; no direct shell execution or file-write capabilities are defined in this skill file.
- Sanitization: None present in the provided templates.
- Unverifiable Dependencies (SAFE): The skill references the
@modelcontextprotocol/server-sequential-thinkingpackage, which is a standard component of the Model Context Protocol ecosystem. No installation or execution commands are present. - Data Exfiltration (SAFE): No network operations or sensitive file access patterns detected.
Audit Metadata