mcp-builder

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The scripts/connections.py file implements an MCPConnectionStdio class that uses the stdio_client to spawn subprocesses. This is a core feature of the skill, designed to launch and test local MCP servers provided by the user.
  • [EXTERNAL_DOWNLOADS]: The SKILL.md documentation references official Model Context Protocol resources on modelcontextprotocol.io and the official GitHub repositories of the modelcontextprotocol organization. These are well-known, trusted sources for the protocol's specifications and SDKs.
  • [INDIRECT_PROMPT_INJECTION]: The evaluation script scripts/evaluation.py ingests task questions from a user-supplied XML file and interpolates them into the agent's prompt. While this presents an ingestion point for untrusted data, the script is a testing tool where processing diverse queries is the intended functionality.
    • Ingestion points: scripts/evaluation.py reads data from the eval_file XML positional argument.
    • Boundary markers: None identified; question text is directly assigned to the message content.
    • Capability inventory: The script can execute tools on connected MCP servers and interact with the Anthropic API.
    • Sanitization: None; the script assumes the evaluation file is provided by the developer for testing their own server.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 9, 2026, 04:37 AM