scaffold-mcp-server

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute setup and build commands, including directory creation (mkdir), project initialization (npm init), and running installation/test scripts (npm install, npm run build).
  • [EXTERNAL_DOWNLOADS]: The skill downloads official packages from the NPM and PyPI registries, such as @modelcontextprotocol/sdk, zod, mcp, and pydantic. These are standard dependencies for MCP server development and are from well-known sources.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8). It ingests an external Tool specification document and uses its content (tool names, descriptions, parameters) to dynamically generate code and file paths. A maliciously crafted specification could attempt to inject commands or create unauthorized files during the scaffolding process.
    • Ingestion points: Tool specification document (YAML or JSON) referenced in Step 3.1.
    • Boundary markers: No specific delimiters or safety instructions are mentioned to separate untrusted specification data from the code generation templates.
    • Capability inventory: The skill utilizes Bash, Write, and Edit tools, which provide the ability to execute commands and modify the filesystem based on the processed specification.
    • Sanitization: While the generated server code includes validation logic (e.g., Zod/Pydantic), the skill itself does not explicitly define sanitization steps for the input data before using it to construct shell commands or file structures.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 27, 2026, 10:52 PM