mcp-expert
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of a collection of reference documents and educational material regarding the Model Context Protocol (MCP).
- [SAFE]: Code examples for project scaffolding and tool implementation utilize standard, well-known libraries such as the official MCP SDK and Zod for schema validation.
- [SAFE]: Security-focused sections provide appropriate architectural advice, emphasizing the use of OAuth 2.1 with PKCE, capability-based security, and Human-in-the-Loop (HITL) gates for high-risk operations.
- [SAFE]: The skill explicitly warns against insecure practices, such as hardcoding secrets or passing received tokens to upstream APIs, advocating for environment variable management and local token validation.