mcp-builder
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- COMMAND_EXECUTION (SAFE): The
MCPConnectionStdioclass enables communication with local MCP servers via standard input/output. This involves spawning a subprocess using thestdio_clientfrom the officialmcpPython SDK. This is the standard and intended implementation for local MCP tool integration. - EXTERNAL_DOWNLOADS (SAFE): The
MCPConnectionSSEandMCPConnectionHTTPclasses facilitate network connections to remote MCP servers. These connections are used for protocol-compliant communication (Model Context Protocol) and do not involve the download or execution of untrusted scripts.
Audit Metadata