mcp-builder
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is entirely instructional, providing templates and best practices for developing MCP servers without including any malicious scripts or commands.
- [SAFE]: External references are limited to official and well-known libraries, such as the `@modelcontextprotocol/sdk` and `zod` for validation.
- [SAFE]: The documentation explicitly includes a security hardening section that recommends critical safeguards like path traversal prevention, least privilege permission models, and the use of environment variables instead of hardcoded secrets.
- [SAFE]: No obfuscation, data exfiltration, or prompt injection patterns were detected in the instructions or the provided code snippets.
Audit Metadata