build-mcpb
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Full Analysis
- [Security Guidance]: The skill provides detailed instructions on mitigating common security risks associated with local server execution. It includes specific implementations for preventing path traversal and command injection, such as containment checks for file paths and avoiding shell execution when spawning processes.
- [Trusted Infrastructure]: All external references and tools, including the MCPB packager and manifest schemas, are hosted within official repositories or well-known technical organizations. These are used for standard development tasks like validation and packaging.
- [Transparency on Permissions]: The documentation explicitly clarifies the execution environment's permission model, noting the absence of a manifest-level sandbox. This ensures that security considerations are front-and-center during the development process.
- [Indirect Prompt Injection Surface]: The skill describes creating tools that process input from an LLM, which may be influenced by untrusted external data.
  - Ingestion points: Tool arguments defined via inputSchema in SKILL.md.
  - Boundary markers: Documentation recommends using explicit validation logic and host-provided root lists in local-security.md.
  - Capability inventory: Example tools utilize filesystem operations like readdir and readFile in SKILL.md.
  - Sanitization: Robust guidance on sanitizing user-provided paths and avoiding shell-based command execution is provided in local-security.md.
Audit Metadata