The Agent Skills Directory

[COMMAND_EXECUTION] (SAFE): The scripts/connections.py file implements the stdio transport for MCP servers. While this involves spawning subprocesses to run server commands, this is the intended and standard functionality of the Model Context Protocol. The implementation uses the official mcp library's stdio_client.
[EXTERNAL_DOWNLOADS] (LOW): The instructions in SKILL.md direct the agent to fetch documentation and SDK READMEs from external URLs (modelcontextprotocol.io and raw.githubusercontent.com). These are authoritative sources for the protocol, and the content is retrieved for information gathering rather than direct execution.
[Indirect Prompt Injection] (LOW): The skill has an ingestion surface for untrusted data because it fetches external markdown documentation which is then processed by the agent. However, since the sources are highly reputable documentation sites and the agent's actions are restricted to code generation and testing within the user's environment, the risk is negligible.
Ingestion points: Documentation URLs in SKILL.md (Phase 1.2 and 1.3).
Boundary markers: Not explicitly defined for the external fetch operations.
Capability inventory: Subprocess execution via stdio_client in scripts/connections.py.
Sanitization: Relies on the agent's inherent safety filters when processing fetched documentation.

mcp-builder