mcp-builder
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches protocol specifications and SDK README files from official sources at modelcontextprotocol.io and its associated GitHub repositories. These are legitimate resources for the skill's purpose.
- [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface by directing the agent to ingest external content.
  - Ingestion points: Instructions in SKILL.md lead the agent to retrieve content from external URLs belonging to the modelcontextprotocol organization.
  - Boundary markers: Absent. No instructions specify the use of delimiters or ignore-behavior for external documentation.
  - Capability inventory: The agent is empowered to generate code and execute shell commands for building and testing software.
  - Sanitization: Absent. Fetched content is used directly for guidance without an intermediate sanitization step.
- [COMMAND_EXECUTION]: The workflow incorporates standard development commands such as npm run build and npx for testing, which are expected in the context of server development.
Audit Metadata