mcp-builder
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The scripts
scripts/evaluation.pyandscripts/connections.pyfacilitate the local execution of MCP servers. When using thestdiotransport, the tool spawns a subprocess based on user-supplied command-line arguments (-cfor command and-afor arguments). This is an intended architectural feature of the Model Context Protocol to allow LLMs to communicate with local services. - [EXTERNAL_DOWNLOADS]: The skill's documentation (
SKILL.mdand reference guides) references official documentation and specifications located atmodelcontextprotocol.ioand themodelcontextprotocolorganization on GitHub. These are well-known, trusted sources essential for the developer's workflow. - [SAFE]: The skill adheres to security best practices, such as instructing users to store sensitive API keys in environment variables rather than hardcoding them. The provided Python scripts for connection handling and evaluation logic are transparent, well-documented, and focused exclusively on the stated purpose of server development and testing.
Audit Metadata