fastmcp-server-setup
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- External Downloads (LOW): The documentation and validation scripts reference external Python libraries (fastmcp, sqlmodel, httpx) and GitHub repositories (jlowin/fastmcp, panaversity/learn-agentic-ai) that are not on the trusted sources list. Evidence: REFERENCE.md links to external repositories and scripts/test-mcp-server.py checks for fastmcp and sqlmodel packages.
- Prompt Injection (LOW): The tool definition patterns ingest untrusted data from user prompts without explicit sanitization or boundary markers shown in the examples, establishing a surface for indirect prompt injection. Evidence Chain:
  1. Ingestion points: TOOLS.md defines tools like create_task and search taking string arguments.
  2. Boundary markers: Absent in provided code.
  3. Capability inventory: CRUD operations on a local database (create, list, update, delete).
  4. Sanitization: Absent in examples, though SQLModel ORM usage provides inherent protection against SQL injection.
Audit Metadata