mcp
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides secure-by-design code templates for MCP servers, including robust input validation and path traversal prevention logic.
- [SAFE]: It demonstrates secure process execution using argument arrays in both TypeScript and Python, explicitly warning against shell interpolation.
- [SAFE]: The documentation includes detailed mitigations for complex attacks such as SSRF, DNS rebinding, and tool poisoning.
- [SAFE]: Referenced external tools and SDKs (e.g., @modelcontextprotocol/sdk) are official protocol components used for their intended development purpose.
Audit Metadata