mcp-builder
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [COMMAND_EXECUTION] (LOW): The MCPConnectionStdio class in scripts/connections.py facilitates local subprocess execution via the Model Context Protocol stdio transport. While this is the primary intended purpose of the skill, it creates a risk of arbitrary command execution if command parameters are influenced by untrusted external data.
- [EXTERNAL_DOWNLOADS] (LOW): The MCPConnectionSSE and MCPConnectionHTTP classes in scripts/connections.py enable outbound network connections to arbitrary URLs via Server-Sent Events and HTTP streaming. These are standard MCP capabilities but lack URL whitelisting or sanitization, potentially allowing Server-Side Request Forgery (SSRF).
- [DATA_EXFILTRATION] (LOW): The skill provides the necessary primitives (command execution and network access) that could be combined to exfiltrate sensitive local data if an attacker successfully performs an indirect prompt injection against the agent using this library.
Audit Metadata