xno-mcp Purse Custody
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or security bypasses were detected in the skill markdown or instructions.\n- [DATA_EXFILTRATION]: The skill documents that the xno-mcp tool stores data as plaintext JSON in a local directory (.xno-mcp/). While plaintext storage of sensitive data is a risk, the skill explicitly warns the user to treat this directory as secret material and does not attempt to exfiltrate it.\n- [PROMPT_INJECTION]: The instructions use standard natural language to guide agent behavior without attempting to override safety filters or extract system prompts.
Audit Metadata