mcp-integration
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill documentation provides examples using npx to fetch and execute the @anthropic/mcp-server package. As 'anthropic' is a trusted organization, this download and execution pattern is considered low risk.\n- COMMAND_EXECUTION (LOW): The configuration templates describe how to execute local commands (node, npx) to start MCP processes. This is documented as the standard method for protocol integration and does not involve arbitrary or hidden command injection.
Audit Metadata