mcp-lightspeed-validator
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION]: The skill mentions sensitive environment variables (LIGHTSPEED_CLIENT_ID, LIGHTSPEED_CLIENT_SECRET) for service authentication but correctly instructs the agent to never echo their values.
- [EXTERNAL_DOWNLOADS]: References to https://console.redhat.com point to an official, well-known service domain for managing integration settings.
- [PROMPT_INJECTION]: The skill processes output from the vulnerability__get_cves tool. Ingestion point: vulnerability__get_cves output in SKILL.md. Boundary markers: none. Capability: tool call execution. Sanitization: not specified. This surface is limited to status reporting.
Audit Metadata