mcp-cli
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill acts as a documentation layer for the mcp-cli utility. Analysis of the instructions and examples revealed no malicious intent, prompt injection, or hidden payloads.
- [COMMAND_EXECUTION]: The skill facilitates the execution of mcp-cli to interact with external tools. This is the intended functionality of an MCP client.
- [DATA_EXPOSURE]: Examples demonstrate reading local filesystem data (e.g., read_file). This behavior is consistent with the primary purpose of MCP-integrated tools and is documented clearly.
- [INDIRECT_PROMPT_INJECTION]: The skill creates an attack surface by ingesting data from external MCP servers.
  - Ingestion points: Output from mcp-cli (SKILL.md).
  - Boundary markers: None explicitly defined in the workflow examples.
  - Capability inventory: Execution of mcp-cli which can trigger filesystem, database, or API operations.
  - Sanitization: No validation or sanitization of tool outputs is mentioned; however, this is a standard characteristic of MCP client documentation.
Audit Metadata