mcp-best-practices
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a comprehensive developer reference for the Model Context Protocol. It includes detailed guidance on transport selection, tool design, and error handling for production environments.
- [SAFE]: The documentation actively promotes security best practices, explicitly identifying top threats like command injection (CVE-2025-53967) and supply chain risks, and providing mitigation strategies such as input validation and DNS rebinding protection.
- [SAFE]: Code examples provided are architectural templates using standard, well-known libraries (e.g., Zod, Hono, Express, and the official @modelcontextprotocol SDKs).
- [SAFE]: No obfuscation, prompt injection, credential harvesting, or unauthorized remote code execution patterns were detected in the skill files.
Audit Metadata