mcp-server-reviewing

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes local shell commands such as grep, sort, uniq, and cut to automate the detection of security violations and architectural flaws in source code. It also suggests the use of standard security auditing tools like npm audit and pip-audit to check for vulnerable dependencies.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface (Category 8) because its core function involves reading and analyzing untrusted source code, which could contain malicious instructions designed to influence the auditor's conclusions.
  • Ingestion points: The skill processes source code files from the src/ directory during its automated and manual review workflows.
  • Boundary markers: No specific delimiters or instructions are used to separate the content of audited files from the agent's internal reasoning.
  • Capability inventory: The agent is authorized to execute shell commands and read files to perform the audit.
  • Sanitization: The skill does not specify sanitization or filtering protocols for the content of the files being reviewed.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 07:48 AM