Skills
skills/fortytwo-network/fortytwo-mcp-skills/fortytwo-mcp/Gen Agent Trust Hub

fortytwo-mcp

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by ingesting and displaying text from an external provider without implementing boundary markers or sanitization.
  • Ingestion points: Data returned from the Fortytwo Network API in scripts/fortytwo_query.py is directly presented to the agent's context.
  • Boundary markers: Not present; the instructions in SKILL.md tell the agent to "Show the full answer" and "Add commentary if useful" without using delimiters or instructions to ignore embedded commands in the external data.
  • Capability inventory: The skill has network access and local file system write access for session state management.
  • Sanitization: No escaping, validation, or filtering of the external response is performed before it is presented.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 9, 2026, 07:48 AM