mcp-builder
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches documentation and SDK guidelines from trusted sources including the official Model Context Protocol website, Cloudflare, and Vercel Labs' public GitHub repositories. These operations are used to provide the agent with accurate technical specifications.
- [COMMAND_EXECUTION]: The connection utility and evaluation scripts can launch local MCP servers as child processes and talk to them over standard input/output (stdio). This allows testing and interacting with tools in a local development environment.
- [REMOTE_CODE_EXECUTION]: The skill supports interacting with remote MCP servers using Server-Sent Events (SSE) and HTTP transports. This enables the agent to call tools hosted on remote infrastructure as part of its testing and integration workflows.
- [PROMPT_INJECTION]: The evaluation system has an indirect prompt injection surface because it reads task questions from user-provided XML files and passes them to the agent. This surface is part of the intended testing harness, which is used to evaluate how an agent handles complex queries through an MCP server. The script uses a system prompt to define agent behavior, and the agent's capabilities are limited to the tools exposed by the server under test.