mcp-builder
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to fetch documentation and SDK information from official and trusted sources, specifically 'modelcontextprotocol.io' and the official 'modelcontextprotocol' organization on GitHub. These downloads are used to provide the agent with the most current development guidelines.
- [COMMAND_EXECUTION]: The provided Python scripts ('scripts/evaluation.py' and 'scripts/connections.py') use the official 'mcp' library to launch and communicate with local Model Context Protocol servers. This command execution is a core requirement for a developer testing tool and is used to verify the tools provided by the server.
- [PROMPT_INJECTION]: The system prompt defined in the evaluation harness is designed for operational guidance, instructing the testing agent on how to use tools and format its outputs. It contains no instructions to bypass safety protocols or override the agent's core safety instructions.