mcp-developer

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • PROMPT_INJECTION (SAFE): No malicious instructions or bypass attempts detected. The skill defines a standard developer persona focused on protocol implementation.
  • DATA_EXFILTRATION (SAFE): The skill contains explicit 'MUST NOT DO' constraints regarding hardcoding credentials and exposing sensitive data in resources. No suspicious network exfiltration patterns found.
  • EXTERNAL_DOWNLOADS (SAFE): References to standard, well-known packages (mcp, pydantic, @modelcontextprotocol/sdk, zod) via standard package managers (pip, npm). These align with the skill's primary purpose.
  • COMMAND_EXECUTION (SAFE): Examples use the standard stdio transport, which spawns local processes for MCP server/client communication; this is the intended behavior of the protocol.
  • INDIRECT_PROMPT_INJECTION (SAFE): While the skill describes tools that ingest untrusted data (Category 8), it provides clear instructions and examples for mandatory schema validation using Pydantic and Zod to mitigate these risks.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:46 PM