MCP Integration
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE, NO_CODE
Full Analysis
- [NO_CODE]: The skill consists entirely of Markdown documentation and JSON configuration examples. No executable scripts, binaries, or active code components are provided in the package.
- [COMMAND_EXECUTION]: The documentation describes the standard functionality of MCP `stdio` servers, which involve spawning local child processes for tool execution. This is presented as an architectural pattern for local integration.
- [REMOTE_CODE_EXECUTION]: Instructional examples include the use of `npx` to fetch and run MCP servers (e.g., `@modelcontextprotocol/server-filesystem`) from the official NPM registry. These are standard development workflows for the protocol.
- [PROMPT_INJECTION]: The skill acknowledges the surface for indirect prompt injection when autonomous agents interact with external tools.
  - Ingestion points: Data retrieved from external services (e.g., Asana tasks, database queries) as described in `references/tool-usage.md`.
  - Boundary markers: The documentation recommends using explicit `allowed-tools` lists in command frontmatter to restrict the agent's capability surface.
  - Capability inventory: MCP servers can execute shell commands (`stdio`) or perform network operations (`SSE`, `HTTP`, `WS`).
  - Sanitization: The documentation focuses on configuration and authentication rather than input sanitization logic.
Audit Metadata