mcp-hub
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill lists several standard Python libraries for document processing (python-docx, openpyxl, python-pptx, reportlab, jinja2) and references Node.js packages from trusted namespaces (@anthropic and @modelcontextprotocol).- [COMMAND_EXECUTION]: Configuration examples demonstrate the use of npx to execute MCP servers. Specifically, it provides examples for the filesystem and Google Drive servers which are official or from trusted organizations.- [PROMPT_INJECTION]: The skill facilitates an attack surface for indirect prompt injection by connecting the agent to external resources.
- Ingestion points: Data is ingested from the local filesystem, Google Drive, and web browsers via Puppeteer.
- Boundary markers: No delimiters or protective instructions are specified for handling the content retrieved from these sources.
- Capability inventory: The skill enables broad tool access including file reading, writing, and browser automation.
- Sanitization: There is no evidence of content sanitization or validation for data retrieved through these MCP integrations.
Audit Metadata