mcp-builder
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill exhibits an indirect prompt injection surface (Category 8) by directing the agent to fetch and interpret documentation from external websites to guide the development process.
  - Ingestion points: Phase 1.2 and 1.3 (using WebFetch on modelcontextprotocol.io and GitHub).
  - Boundary markers: Absent; there are no instructions to treat external documentation as untrusted data.
  - Capability inventory: File system access for code generation and shell command execution for testing (go build, npx).
  - Sanitization: Absent.
- EXTERNAL_DOWNLOADS (LOW): The guide references documentation and tool installation (npx @modelcontextprotocol/inspector) from sources outside the predefined trusted organization list.
- COMMAND_EXECUTION (LOW): Directs the agent to perform development operations such as 'go build' and 'npx', which involve running external code in the user's environment.