mcp-builder
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Flags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The scripts scripts/evaluation.py and scripts/connections.py utilize the Model Context Protocol SDK to execute local commands and arguments specified by the user or agent. This functionality is intended to launch and interact with MCP servers during the development and testing phases. This capability is aligned with the skill's primary purpose as a builder and evaluator for local software components.
- [EXTERNAL_DOWNLOADS]: The instructions in SKILL.md guide the agent to fetch protocol specifications and SDK README files from well-known and trusted sources, specifically modelcontextprotocol.io and the official modelcontextprotocol organization on GitHub. These downloads are documented neutrally as they pertain to official technical documentation and library resources.
- [PROMPT_INJECTION]: The evaluation script scripts/evaluation.py processes data returned from tool calls against external or local MCP servers. This architectural pattern introduces an indirect prompt injection surface where a server could return instructions meant to influence the evaluating agent's behavior. This is a known risk for agent harnesses processing external data, which the skill mitigates by emphasizing read-only operations and developer control over the test environment.
Audit Metadata