typescript-mcp

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill provides a framework for building servers that process untrusted external data via the Model Context Protocol. This is recorded as a neutral observation rather than a finding because the skill incorporates significant mitigations, summarized in the points below.
  • Ingestion points: Network requests processed at the /mcp endpoint in SKILL.md and template files (e.g., templates/basic-mcp-server.ts).
  • Boundary markers: The templates consistently use Zod schemas for tool input validation, which acts as a primary defense against malformed or malicious inputs.
  • Capability inventory: The provided templates include network access via fetch (e.g., in templates/tool-server.ts) and data persistence via Cloudflare D1, KV, and R2 services. The scripts/init-mcp-server.sh script performs file system operations.
  • Sanitization: The skill mandates Zod for input validation and parameterized queries for database operations to prevent injection attacks, including SQL injection.
  • [EXTERNAL_DOWNLOADS]: The scripts/init-mcp-server.sh script automates project setup by running npm install. It targets the official npm registry and installs well-known, trusted packages such as @modelcontextprotocol/sdk, hono, and zod. This behavior is consistent with the skill's intended primary purpose.
  • [COMMAND_EXECUTION]: The initialization script scripts/init-mcp-server.sh uses standard shell commands (mkdir, cp, sed) to scaffold new projects. These operations are limited to the project directory and are consistent with the script's primary purpose. The scripts/test-mcp-connection.sh script uses curl for connectivity testing, which is expected functionality.
  • [DATA_EXFILTRATION]: The skill provides patterns for tools that communicate with external APIs (e.g., OpenWeatherMap) and Cloudflare storage services. These network and data operations are documented as the intended functionality of the generated tools and do not involve sensitive user credentials.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 10, 2026, 03:50 AM