mcp-tooling
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions to bypass safety filters, override system prompts, or disregard previous rules were detected.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network exfiltration patterns were found. The mention of tools like Supabase and Tavily refers to environment-provided tools for the agent to use.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not perform remote script execution or install unverified packages. It recommends using existing tools and standard build processes.
- [Command Execution] (LOW): The skill includes instructions to run standard development commands such as
bun run build,bun run tsc, andbun run lint. These are routine tasks within a coding workflow and do not represent a security risk in this context.
Audit Metadata