Skills
skills/shafran123/skills/mcp-builder/Gen Agent Trust Hub

mcp-builder

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [Prompt Injection] (HIGH): The skill is highly susceptible to Indirect Prompt Injection (Category 8). It instructs the agent to fetch documentation from external sites and use it as a foundation for generating MCP server code. Evidence: 1. Ingestion points: modelcontextprotocol.io and raw.githubusercontent.com/modelcontextprotocol/ (SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory: Generates full TypeScript and Python source code. 4. Sanitization: Absent.
  • [External Downloads] (MEDIUM): Downloads documentation from external, non-whitelisted sources. While the sources appear official, the 'modelcontextprotocol' organization is not in the trusted list, meaning the content is considered unverifiable.
  • [Command Execution] (LOW): Suggests executing the MCP Inspector via npx, which is a standard development tool execution.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 11:13 AM