mcp-code-execution

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides instructions for exploring local file systems using tools like Bash and Grep to discover tool definitions. This is consistent with the skill's purpose of scaffolding development environments.
  • [REMOTE_CODE_EXECUTION]: The skill defines a pattern where an agent generates and executes TypeScript or Python code to interact with external tools. It explicitly mandates security controls including process isolation (sandboxing), resource limits, and execution timeouts for this activity.
  • [DATA_EXFILTRATION]: The architecture includes patterns for data handling that prioritize security, such as filtering large datasets within the execution environment and tokenizing Personally Identifiable Information (PII) before it is sent back to the model context.
  • [EXTERNAL_DOWNLOADS]: The skill references technical documentation and engineering blogs from established technology providers (Anthropic and Cloudflare) to provide authoritative context for the recommended architecture.
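The two execution and data-handling findings above describe an architecture without showing it. The following Python is an added illustration of that pattern and is not the skill's own code: generated code runs in a fresh isolated interpreter under resource limits and a wall-clock timeout, the large result is filtered inside the execution environment, and emails and phone numbers are tokenized before anything reaches the model. It assumes a POSIX host (it uses the `resource` module); the generated-code sample, the dataset it builds and the PII regexes are constructed for the example.

```python
"""Sandboxed execution of model-generated Python with PII tokenisation of results.
Added illustration, not the skill's own code. POSIX-only (uses the resource module)."""
import json
import os
import re
import resource
import subprocess
import sys
import tempfile
from math import ceil


def _apply_limits(memory_limit_bytes, cpu_seconds):
    """Runs in the child between fork() and exec(): cap address space, CPU time
    and file size, and forbid spawning further processes."""
    resource.setrlimit(resource.RLIMIT_AS, (memory_limit_bytes, memory_limit_bytes))
    resource.setrlimit(resource.RLIMIT_CPU, (cpu_seconds, cpu_seconds))
    resource.setrlimit(resource.RLIMIT_FSIZE, (1 << 20, 1 << 20))
    resource.setrlimit(resource.RLIMIT_NPROC, (0, 0))


def run_sandboxed(code, timeout=5.0, memory_limit_bytes=1 << 30, max_output_bytes=64 * 1024):
    """Execute generated code in a fresh isolated interpreter (-I) under rlimits and a
    wall-clock timeout. Returns a dict whose status is "ok", "error" or "timeout"."""
    cpu_seconds = ceil(timeout) + 2  # the wall-clock timeout is meant to fire first
    with tempfile.TemporaryDirectory() as workdir:
        try:
            proc = subprocess.run(
                [sys.executable, "-I", "-"],        # "-" reads the program from stdin
                input=code, capture_output=True, text=True, timeout=timeout, cwd=workdir,
                env={"PATH": os.defpath},            # do not leak host secrets via the environment
                preexec_fn=lambda: _apply_limits(memory_limit_bytes, cpu_seconds),
            )
        except subprocess.TimeoutExpired as exc:
            partial = exc.stdout or b""
            if isinstance(partial, bytes):
                partial = partial.decode("utf-8", "replace")
            return {"status": "timeout", "returncode": None,
                    "stdout": partial[:max_output_bytes], "stderr": "", "truncated": False}
    return {
        "status": "ok" if proc.returncode == 0 else "error",
        "returncode": proc.returncode,
        "stdout": proc.stdout[:max_output_bytes],   # cap what can flow into the model context
        "stderr": proc.stderr[-2000:],
        "truncated": len(proc.stdout) > max_output_bytes,
    }


_PII_PATTERNS = [  # constructed, illustrative patterns; a real deployment needs a proper PII detector
    ("EMAIL", re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")),
    ("PHONE", re.compile(r"\b\d{3}[-.\s]\d{3}[-.\s]\d{4}\b")),
]


def tokenize_pii(text):
    """Replace PII with stable placeholders such as <EMAIL_1>. Returns (tokenized_text,
    vault); the vault maps placeholder -> original and must stay out of the model context."""
    vault, seen, counters = {}, {}, {}

    def make_repl(kind):
        def repl(match):
            value = match.group(0)
            if (kind, value) not in seen:
                counters[kind] = counters.get(kind, 0) + 1
                seen[(kind, value)] = f"<{kind}_{counters[kind]}>"
                vault[seen[(kind, value)]] = value
            return seen[(kind, value)]
        return repl

    for kind, pattern in _PII_PATTERNS:
        text = pattern.sub(make_repl(kind), text)
    return text, vault


def execute_for_model(code, **limits):
    """Run generated code, then tokenise PII in the output before it goes to the model."""
    result = run_sandboxed(code, **limits)
    result["stdout"], vault = tokenize_pii(result["stdout"])
    return result, vault


# Constructed stand-in for model-generated code: the (fake) large tool result is built and
# filtered inside the sandbox, so five rows reach the model instead of a thousand.
GENERATED_CODE = r'''
import json
records = [{"id": i, "owner": "user%d@example.com" % i, "status": "open" if i % 7 == 0 else "closed"}
           for i in range(1, 1001)]
print(json.dumps([r for r in records if r["status"] == "open"][:5]))
'''


def demo():
    """Returns (status, ids the model sees, vault) for the constructed generated code."""
    result, vault = execute_for_model(GENERATED_CODE)
    ids = [r["id"] for r in json.loads(result["stdout"])] if result["status"] == "ok" else None
    return result["status"], ids, vault


if __name__ == "__main__":
    print(demo())
    print(run_sandboxed("while True: pass", timeout=1.0)["status"])                          # timeout
    print(run_sandboxed("x = bytearray(4 << 30)", memory_limit_bytes=256 << 20)["stderr"])  # MemoryError
```

Caveat a reviewer would attach to the SAFE rating: rlimits, a timeout and a scrubbed environment bound resource use and stop secrets leaking through `os.environ`, but they do not isolate the filesystem or the network, so a production runner still needs an OS-level boundary (container, seccomp profile or microVM) around the interpreter. The token vault returned by `tokenize_pii` is the re-identification key and must be held by the host, never placed in the model context.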
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 21, 2026, 01:17 AM