mcp-tool-creator

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands to validate the syntax of generated scripts (using python3 -c or node --check) and to manage the installation of required dependencies.
  • [EXTERNAL_DOWNLOADS]: It downloads and installs official Model Context Protocol libraries from standard registries (PyPI and NPM) to ensure the generated server can function.
  • [COMMAND_EXECUTION]: The generated MCP server is designed to execute docker compose commands. The templates use safe execution patterns, such as asyncio.create_subprocess_exec in Python and execFile in Node.js, which avoid spawning a shell and so mitigate command injection via tool arguments.
  • [PROMPT_INJECTION]: The skill processes untrusted project data from docker-compose.yml (Step 1) to identify services and generate tool definitions. This represents an indirect prompt injection surface where a malicious configuration file could attempt to influence the generated code, though the impact is limited to the local development environment.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 29, 2026, 05:15 PM