
mcp-builder

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches protocol specifications and SDK documentation from official sources, including the Model Context Protocol website and verified GitHub repositories. These downloads are documented as safe and essential for providing up-to-date guidance to developers.
  • [COMMAND_EXECUTION]: The evaluation script (evaluation.py) is designed to execute local commands to launch and test MCP servers under development. This functionality is intended for server verification and requires the user to specify the command and arguments.
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface: The evaluation harness processes test questions from XML files and interacts with tool-calling agents.
    1. Ingestion points: Test questions are loaded from user-provided XML files.
    2. Boundary markers: The agent uses XML tags like , , and to structure outputs.
    3. Capability inventory: The agent can invoke any tool exposed by the local MCP server being tested.
    4. Sanitization: Inputs are not sanitized, as the tool is designed for a developer to test their own local implementations.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 27, 2026, 01:11 PM