mcp-builder

Pass

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: SAFE (findings: COMMAND_EXECUTION, PROMPT_INJECTION)

Full Analysis
  • [PROMPT_INJECTION] (LOW): The connections.py script creates an indirect prompt injection surface by ingesting and processing tool definitions and outputs from external MCP servers.
    • Ingestion points: Data enters the system via session.list_tools() and session.call_tool() in connections.py.
    • Boundary markers: Absent; server-provided strings are not wrapped in delimiters.
    • Capability inventory: The library enables local process execution via stdio_client and network access via HTTP/SSE transports.
    • Sanitization: No active sanitization of external server responses is implemented in the connection helper.
  • [COMMAND_EXECUTION] (SAFE): The MCPConnectionStdio class enables launching local MCP servers. This is a necessary feature for development and testing, and is documented alongside security best practices for developers in reference/mcp_best_practices.md.
  • [EXTERNAL_DOWNLOADS] (SAFE): References to documentation and SDKs point to trusted official sources on github.com and modelcontextprotocol.io.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 19, 2026, 02:07 AM