ruby-mcp-server-generator

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The generation instructions include a step to make the server script executable using the chmod +x command, which is standard procedure for Ruby command-line tools.
  • [EXTERNAL_DOWNLOADS]: The provided Gemfile template fetches the official mcp gem and development dependencies from RubyGems (https://rubygems.org), which is the well-known and trusted official registry for Ruby packages.
  • [PROMPT_INJECTION]: The template includes a 'Code Review' prompt that interpolates user-provided text ('language' and 'focus') into the prompt instructions. While this is the intended functionality of the generated tool, it creates a surface for indirect prompt injection that developers using this template should be aware of.
      1. Ingestion points: 'language' and 'focus' parameters in the CodeReviewPrompt class.
      2. Boundary markers: Absent; the template uses direct string interpolation.
      3. Capability inventory: The generated project provides basic calculation and greeting tools using the official Ruby MCP SDK.
      4. Sanitization: No sanitization is performed on the input arguments in the template.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 25, 2026, 05:26 AM