mcp-to-skill
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides numerous templates for executing shell commands, including curl, bash, and various CLI tools. These commands are intended to replace the functionality of MCP tools and are a core part of the skill's operation.
- [EXTERNAL_DOWNLOADS]: The documentation references and provides installation instructions for widely-used, official CLI tools from trusted vendors such as GitHub, AWS, and Google Cloud. These references are informative and point to legitimate software repositories.
- [DATA_EXFILTRATION]: The conversion workflow involves reading local configuration files to identify active MCP servers. This file access is limited to discovering tool definitions required for the conversion process.
- [PROMPT_INJECTION]: The skill contains logic to process external MCP schemas which could potentially contain untrusted data. While this presents an indirect prompt injection surface, the risk is inherent to the task of parsing third-party schemas and the skill provides a structured framework for conversion.
Audit Metadata