mcp-security-audit
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE, COMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill serves as a security auditing tool for Model Context Protocol configurations.
- [EXTERNAL_DOWNLOADS]: References official documentation and code repositories from Microsoft and OWASP, which are recognized as trusted sources.
- [CREDENTIALS_UNSAFE]: Defines defensive logic to identify and alert on hardcoded credentials within JSON configurations; no actual secrets are contained in the skill code.
- [COMMAND_EXECUTION]: Defines defensive logic to identify and alert on potential shell injection patterns in server arguments to mitigate execution risks in external configurations.
Audit Metadata