outlit-mcp
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The skill references standard MCP installation commands for Claude Code and Claude Desktop targeting
mcp.outlit.ai. These are legitimate endpoints for the service described. - [COMMAND_EXECUTION] (SAFE): Includes instructions for the user to run
claude mcp addcommands to configure their local environment. These are standard setup procedures and not automated malicious execution. - [PROMPT_INJECTION] (SAFE): No instructions designed to bypass agent safety filters or override system constraints were detected.
- [DATA_EXFILTRATION] (SAFE): The skill handles customer data but does so through authorized MCP tools. No hardcoded credentials or unauthorized network exfiltration patterns were found. The use of an API key is managed via user-provided headers during setup.
- [REMOTE_CODE_EXECUTION] (SAFE): While the skill allows raw SQL queries (
outlit_query), the documentation and error codes confirm a read-only security model (SELECT only) restricted to organization-level data isolation.
Audit Metadata