mcp-converter
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION] (HIGH): The skill is vulnerable to Indirect Prompt Injection via MCP server introspection. Malicious schemas can be written into new skill files. Ingestion points: External MCP servers via mcp_analyzer.py. Boundary markers: None. Capability inventory: Bash, Read, Write tools. Sanitization: None identified.
- [COMMAND_EXECUTION] (MEDIUM): The skill uses the Bash tool to execute local Python scripts like mcp_analyzer.py and batch_converter.py.
- [EXTERNAL_DOWNLOADS] (LOW): Requires installation of mcp and pyyaml from PyPI via pip.
Recommendations
- AI detected serious security threats
Audit Metadata