mcp-builder
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Flagged categories: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill's instructions and documentation guide the AI agent to fetch protocol specifications and SDK information from official sources, including 'modelcontextprotocol.io' and 'github.com/modelcontextprotocol'. These are well-known and trusted repositories for the technology being integrated.
- [COMMAND_EXECUTION]: The evaluation harness (evaluation.py) and connection module (connections.py) allow the execution of local commands to start MCP servers via the 'stdio' transport. This capability is controlled by the user via command-line arguments and is the intended primary purpose of the tool for testing local server implementations.
- [PROMPT_INJECTION]: The skill defines a structured prompt for AI evaluation agents. This prompt uses XML boundary markers (e.g., <summary>, <feedback>, <response>) to prevent output confusion and clearly defines the agent's role without attempting to bypass safety filters or ignore system instructions.
- Ingestion points: The evaluation script processes user-provided XML files (evaluation.xml) and dynamic outputs from the tools exposed by the MCP server.
- Boundary markers: The system prompt explicitly instructs the agent to wrap different parts of its thought process and final answer in specific XML tags.
- Capability inventory: The script can execute local server processes and call any tool provided by the connected MCP server.
- Sanitization: Tool results are stringified using JSON serialization before being presented back to the agent model.
Audit Metadata