mcp-management

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE
Tags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of MCP servers from various remote sources, including npm packages, GitHub repositories, and direct URLs.
      • It utilizes npx add-mcp, a tool provided by Neon (a trusted organization), to streamline multi-agent configuration.
      • It provides instructions for downloading and running official servers from trusted organizations such as GitHub, Cloudflare, MongoDB, and Vercel.
      • It guides the user to the official MCP Registry at registry.modelcontextprotocol.io to discover third-party servers.
  • [COMMAND_EXECUTION]: The skill uses command-line interfaces (claude mcp, npx, docker) to install, configure, and execute external server code.
      • SKILL.md and references/multi-agent.md detail the use of npx add-mcp and npx -y for installing servers as stdio transports.
      • references/search.md describes the use of docker run as a deployment option for isolated server environments.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the ingestion of untrusted external data.
      • Ingestion points: references/search.md details querying the MCP Registry API (registry.modelcontextprotocol.io/v0.1/servers) and performing web searches for server details.
      • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present when processing registry search results.
      • Capability inventory: The skill has the capability to write to configuration files (e.g., ~/.claude.json, .vscode/mcp.json) and execute installation commands (npx, claude mcp).
      • Sanitization: There is no evidence of sanitization for fields returned by the registry API (e.g., server.name, server.description) before they are presented to the agent or used in installation commands.
  • [CREDENTIALS_UNSAFE]: The skill manages sensitive API keys and tokens required for various MCP servers.
      • It correctly advises using environment variables (${VAR}) in configuration files rather than hardcoding secrets.
      • It provides guidance on editing config files like ~/.claude.json to securely add credentials that are difficult to pass via CLI flags.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 4, 2026, 07:15 AM