mcp-builder (skills/l-yifan/skills/mcp-builder)

Warn

Audited by Gen Agent Trust Hub on Feb 24, 2026

Risk Level: MEDIUM
Tags: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: scripts/connections.py and scripts/evaluation.py can execute local programs via the stdio transport. During evaluation the harness launches MCP server processes from user-specified commands and arguments.
  • [REMOTE_CODE_EXECUTION]: The evaluation harness launches and interacts with local MCP servers. Running those local scripts is part of the intended testing workflow, but it is an execution surface if a malicious server is supplied.
  • [EXTERNAL_DOWNLOADS]: The skill instructions direct the user to download documentation and SDK guidelines from modelcontextprotocol.io and the official modelcontextprotocol GitHub repositories, which are well-known and reputable sources for the protocol.
  • [DATA_EXFILTRATION]: scripts/evaluation.py transmits data, including prompt content and tool responses, to the Anthropic API. This is the necessary and intended data flow for LLM-based evaluation.
  • [PROMPT_INJECTION]: The evaluation script consumes input from external XML files and output from the MCP servers under test. Malicious content in either source could attempt indirect prompt injection, overriding the evaluation agent's instructions.
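The COMMAND_EXECUTION finding above describes a harness that spawns stdio MCP servers from user-supplied commands and arguments. The following is an added example, not code from the mcp-builder skill or from Gen Agent Trust Hub, of the allow-list check a practitioner would put in front of such a launch: only named interpreters may be spawned, only vetted option flags are passed (so `python3 -c` or `node -e` cannot smuggle code through an allowed interpreter), path-like positional arguments must stay under the server checkout, no shell is involved, and the child gets a stripped environment so it cannot read the evaluator's API keys. The allow-list contents (ALLOWED_EXECUTABLES, FORWARDED_ENV), the function names and the server_root layout are assumptions for illustration; the skill's own scripts/connections.py may be structured quite differently.

```python
"""Allow-list gate for launching stdio MCP servers (illustrative, not the skill's code)."""
import os
import shutil
import subprocess
from typing import Mapping, Sequence

# Assumed allow-list: interpreters the evaluation host is willing to spawn, each
# with the only option flags it may receive. Anything else (a shell, python3 -c,
# node -e, an unknown binary) is refused before a process is created.
ALLOWED_EXECUTABLES: Mapping[str, frozenset] = {
    "python3": frozenset({"-m", "-u"}),
    "node": frozenset(),
    "uvx": frozenset({"--from"}),
}

# Assumed set of environment variables forwarded to the child. Everything else,
# including any ANTHROPIC_API_KEY the evaluator holds, is dropped.
FORWARDED_ENV = ("PATH", "HOME", "LANG", "TMPDIR")


class LaunchRejected(ValueError):
    """A server launch spec failed the allow-list check."""


def _inside(root: str, candidate: str) -> bool:
    """True if candidate resolves to root itself or to a descendant of root."""
    root = os.path.realpath(root)
    candidate = os.path.realpath(candidate)
    return os.path.commonpath([root, candidate]) == root


def validate_launch(command: str, args: Sequence[str], server_root: str) -> list:
    """Return a vetted argv list, or raise LaunchRejected.

    Rules: the command is a bare program name on the allow-list (no path
    component, so PATH lookup cannot be bypassed with ./something); option
    flags are limited to those permitted for that interpreter; positional
    arguments that look like files must live under server_root.
    """
    if not command or os.sep in command or (os.altsep and os.altsep in command):
        raise LaunchRejected(f"command must be a bare program name, got {command!r}")
    if command not in ALLOWED_EXECUTABLES:
        raise LaunchRejected(f"executable not on allow-list: {command!r}")
    allowed_flags = ALLOWED_EXECUTABLES[command]

    argv = [command]
    for arg in args:
        if "\x00" in arg or "\n" in arg:
            raise LaunchRejected("control character in argument")
        if arg.startswith("-"):
            if arg not in allowed_flags:
                raise LaunchRejected(f"flag {arg!r} not permitted for {command}")
        elif os.sep in arg or arg.endswith((".py", ".js", ".mjs")):
            # Path-like positional (script to run): an absolute path or a ../
            # escape would let a config point the evaluator at arbitrary files.
            if not _inside(server_root, os.path.join(server_root, arg)):
                raise LaunchRejected(f"path escapes server root: {arg!r}")
        argv.append(arg)
    return argv


def is_launch_allowed(command: str, args: Sequence[str], server_root: str) -> bool:
    """Boolean form of validate_launch, convenient for reporting and tests."""
    try:
        validate_launch(command, args, server_root)
    except LaunchRejected:
        return False
    return True


def launch_server(command: str, args: Sequence[str], server_root: str) -> subprocess.Popen:
    """Spawn a vetted stdio MCP server with pipes on stdin/stdout and no shell."""
    argv = validate_launch(command, args, server_root)
    exe = shutil.which(argv[0])
    if exe is None:
        raise LaunchRejected(f"{argv[0]} not found on PATH")
    env = {k: os.environ[k] for k in FORWARDED_ENV if k in os.environ}
    return subprocess.Popen(
        [exe, *argv[1:]], cwd=server_root, env=env, shell=False,
        stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE,
        start_new_session=True,  # own process group, so the whole tree can be killed
    )


if __name__ == "__main__":
    # Constructed launch specs of the kind an evaluation config might carry;
    # this only checks them, it does not spawn anything.
    root = os.path.join(os.getcwd(), "servers")  # assumed checkout of servers under test
    specs = [
        ("python3", ["-m", "weather_server"]),
        ("node", ["dist/server.js"]),
        ("python3", ["-c", "print(1)"]),
        ("bash", ["-c", "echo hi"]),
        ("node", ["../../../etc/passwd"]),
    ]
    for command, args in specs:
        verdict = "allowed" if is_launch_allowed(command, args, root) else "rejected"
        print(f"{command} {' '.join(args)!r}: {verdict}")
```

The check is deliberately stricter than a shell-metacharacter filter: because the harness never invokes a shell, metacharacters are not the risk; an allowed interpreter being handed a code-evaluating flag or a script outside the checkout is.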
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 24, 2026, 08:16 AM