moai-mcp-builder
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The evaluation harness located in `scripts/evaluation.py` utilizes the `mcp` SDK to launch local server processes via the `stdio` transport. This allows the tool to execute specific commands and arguments provided by the user to test MCP server implementations in a local environment.
- [SAFE]: The skill relies on official, well-known libraries from trusted organizations, specifically the `anthropic` and `mcp` Python packages. These dependencies are standard for AI agent and protocol development.
- [EXTERNAL_DOWNLOADS]: The documentation and reference materials point toward official resources, including the Model Context Protocol GitHub repositories and the FastMCP framework website. No automated or hidden downloads were detected in the scripts.
- [PROMPT_INJECTION]: The `scripts/evaluation.py` script identifies an indirect prompt injection surface as it processes external XML evaluation files.
  - Ingestion points: Test questions are ingested from XML files and included in the agent's prompt context during evaluation loops.
  - Boundary markers: The `EVALUATION_PROMPT` utilizes XML-style tags (`<summary>`, `<feedback>`, `<response>`) to structure the model's output and maintain task focus.
  - Capability inventory: The harness can spawn local subprocesses (server commands) and call tools exposed by the MCP server under test.
  - Sanitization: The script uses standard XML parsing to extract content but does not perform additional sanitization on the question text before interpolation into the prompt.
Audit Metadata