Skills
skills/mapbox/mapbox-agent-skills/mapbox-mcp-devkit-patterns/Gen Agent Trust Hub

mapbox-mcp-devkit-patterns

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or security risks were identified. The skill facilitates legitimate integration with Mapbox developer APIs using official vendor resources.
  • [EXTERNAL_DOWNLOADS]: The skill references official Mapbox resources, including the hosted MCP endpoint (https://mcp-devkit.mapbox.com/mcp) and the GitHub repository (https://github.com/mapbox/mcp-devkit-server). These are trusted vendor-owned assets.
  • [REMOTE_CODE_EXECUTION]: The configuration for Claude Desktop and other assistants uses npx mcp-remote to connect to a remote Mapbox server. This is a standard and expected integration pattern for MCP servers.
  • [DATA_EXFILTRATION]: The documentation includes guidance on managing Mapbox Access Tokens. It correctly emphasizes using environment variables and scoped permissions, following the principle of least privilege.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 11, 2026, 08:56 AM