mcp-server-skills

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • Input Validation (SAFE): The skill correctly uses Zod for schema validation (diceSchema.parse(sides)). This ensures that inputs are checked for type and range before processing, preventing potential logic errors or injection attempts through user-supplied parameters.
  • External Dependencies (LOW): The skill references mcp-handler and mcp-remote via NPM. While these authors are not on the specific Trusted Organizations list, the packages are standard utilities in the MCP community and are used as intended for development patterns. The [TRUST-SCOPE-RULE] applies as they are standard references for the skill's primary purpose.
  • Command Execution (SAFE): No dangerous shell commands or privilege escalation attempts were found. The provided configuration for Claude Desktop uses npx to run a known bridge utility, which is the standard method for local MCP server connection.
  • Data Privacy (SAFE): No hardcoded credentials, sensitive file access, or unauthorized network operations were identified. The logic is self-contained and focuses on a simple dice-rolling implementation.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 04:59 PM