Skills
skills/rdmptv/adbautoplayer/moai-connector-mcp/Gen Agent Trust Hub

moai-connector-mcp

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: CRITICAL
Full Analysis
  • [SAFE] (SAFE): The skill provides educational content and design patterns for the FastMCP framework. All logic resides within documentation files (.md) and serves as a template for developers.
  • [CREDENTIALS_UNSAFE] (SAFE): While the patterns include placeholder strings like 'your-secret-key' and 'https://auth.company.com', these are explicitly documented as placeholders. The provided 'CredentialManager' implementation correctly demonstrates the use of os.getenv for secure secret handling.
  • [EXTERNAL_DOWNLOADS] (SAFE): The 'Getting Started' guide mentions installing 'fastmcp' via pip. This is a standard installation procedure for the intended development context.
  • [AUTOMATED_SCAN_ALERT] (SAFE): The automated alert regarding 'logger.info' is a false positive. The string 'logger.info' is a standard Python logging method used correctly in the monitoring and circuit-breaker patterns to provide observability, not a malicious URL or command.
Recommendations
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 17, 2026, 06:40 PM