mcp-builder
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation (SKILL.md) directs the agent to fetch protocol specifications and SDK details from authoritative sources including modelcontextprotocol.io and the official modelcontextprotocol GitHub organization. These are well-known, reputable sources for the technology described in the skill.
- [COMMAND_EXECUTION]: The evaluation harness (scripts/evaluation.py) and connection utilities (scripts/connections.py) facilitate the execution of local processes to serve as MCP servers. This is done via the standard 'mcp' Python library's stdio transport. This functionality is the primary purpose of the provided tools and is managed through user-provided command-line arguments.
- [PROMPT_INJECTION]: The script 'scripts/evaluation.py' implements an agent loop that ingests external data from XML-based evaluation files and MCP tool responses. This creates an indirect prompt injection surface. The skill manages this risk using structured boundary markers (e.g., , , tags) in the system prompt to guide the agent's behavior when processing potentially untrusted content.
Audit Metadata