mcp-builder

Pass

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: SAFE
Categories: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (SAFE): The skill instructs the agent to fetch documentation from modelcontextprotocol.io and raw.githubusercontent.com. These are official sources for the protocol and fall under the Trusted Organizations rule (Anthropics/GitHub).
  • [COMMAND_EXECUTION] (SAFE): The script scripts/connections.py implements an MCP client helper. The MCPConnectionStdio class uses mcp.client.stdio to execute local commands. This is the primary intended behavior for managing local MCP servers and is used for development purposes.
  • [PROMPT_INJECTION] (LOW): Detected a surface for Indirect Prompt Injection (Category 8) as the skill processes data from external URLs.
      • Ingestion points: SKILL.md directs the agent to fetch sitemaps and markdown guides from the web to guide the development process.
      • Boundary markers: Absent. The instructions do not define delimiters for the external content.
      • Capability inventory: scripts/connections.py contains logic to execute arbitrary subprocesses via the stdio transport.
      • Sanitization: The connection helper does not perform sanitization on command arguments, as it is designed for developer-controlled input.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 21, 2026, 05:03 AM