mcp-apps
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a documentation repository and guide for developers building applications on the Model Context Protocol. It includes extensive sections on security, sandboxing, and protocol specifications.
- [EXTERNAL_DOWNLOADS]: The documentation references official-looking libraries and tools, such as the @modelcontextprotocol/ext-apps npm package and the modelcontextprotocol/ext-apps GitHub repository. These are documented as part of the standard development ecosystem for this technology.
- [COMMAND_EXECUTION]: Provides example commands for common developer tasks, including package installation via npm/bun, project scaffolding with npx, and local testing using cloudflared tunnels. These commands are contextual to the build guide and intended for local development environments.
- [DATA_EXFILTRATION]: While the guide describes network operations (such as tool calls and CSP configurations), these are part of the functional requirements of the protocol being documented. The guidance includes security recommendations to minimize data exposure, such as using restrictive Content Security Policies.
Audit Metadata