mcp-builder
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructions direct the agent to fetch protocol specifications and SDK READMEs from the official modelcontextprotocol.io website and official GitHub repositories. These are trusted sources necessary for the developer task.
- [COMMAND_EXECUTION]: The provided scripts facilitate the execution and testing of MCP servers using the stdio transport. This is a primary functional requirement of the skill for verifying user-developed code and does not involve unauthorized or hidden command execution.
- [SAFE]: Analysis of the skill body, scripts, and documentation reveals no patterns of prompt injection, data exfiltration, or obfuscation. The implementation follows standard security practices for MCP server development.
Audit Metadata