mcp-workflow-composition

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill provides legitimate templates and documentation for software development automation using tools from the same vendor. No obfuscation, persistence mechanisms, or unauthorized data access attempts were found.
  • [EXTERNAL_DOWNLOADS]: The skill references the installation of the @j0kz/shared npm package. This is a vendor-owned resource required for the MCPPipeline functionality described in the documentation and is treated as a safe dependency in this context.
  • [PROMPT_INJECTION]: The skill facilitates the creation of workflows that ingest local source files, which represents a surface for indirect prompt injection.
    1. Ingestion points: File paths and project directories are passed as parameters to analysis tools in SKILL.md.
    2. Boundary markers: The orchestration uses a structured pipeline (MCPPipeline) with JSON communication between tools.
    3. Capability inventory: The tools are designed for code review, security auditing, and documentation generation.
    4. Sanitization: The provided orchestration templates focus on flow control; input validation and sanitization are expected to be handled by the individual MCP tools.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 25, 2026, 09:41 PM