mcp-builder
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to fetch official protocol documentation and SDK README files from
modelcontextprotocol.ioandraw.githubusercontent.com/modelcontextprotocol. These are recognized as well-known, official sources for the technology described in the skill. - [COMMAND_EXECUTION]: The evaluation harness in
scripts/evaluation.pyand the connection utility inscripts/connections.pyutilize themcpSDK to launch local processes viastdiotransport. This behavior allows the execution of local commands (e.g.,python server.py) to facilitate testing, which is the intended primary purpose of the developer tool. - [DATA_EXFILTRATION]: No malicious data exfiltration was detected. The scripts communicate with the Anthropic API and specified MCP endpoints solely to perform the requested evaluations.
- [REMOTE_CODE_EXECUTION]: The skill does not perform remote code execution from untrusted sources. It relies on standard, versioned packages from official registries (PyPI).
- [PROMPT_INJECTION]: The
EVALUATION_PROMPTinscripts/evaluation.pyuses structured XML delimiters (<summary>,<feedback>,<response>) and clear system instructions to maintain control over the agent's behavior during tool-use tasks, reducing the risk of accidental or indirect instruction overrides.
Audit Metadata