building-mcp-servers

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE (findings flagged: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches protocol specifications and SDK documentation from official sources, including modelcontextprotocol.io and the modelcontextprotocol GitHub organization. These are well-known and trusted providers.
  • [COMMAND_EXECUTION]: The scripts/evaluation.py script executes local MCP server processes via the stdio transport. This is a primary function for testing servers and is controlled by user-provided command-line arguments.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection via its evaluation harness.
    1. Ingestion points: scripts/evaluation.py reads questions from external XML files (e.g., scripts/example_evaluation.xml).
    2. Boundary markers: The agent is instructed to use specific XML tags (<summary>, <feedback>, <response>) to separate its internal reasoning from the final answer.
    3. Capability inventory: The evaluation agent can invoke any tool exposed by the target MCP server, which may include system-level operations.
    4. Sanitization: No specific validation or filtering is applied to the question content extracted from the XML files.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 28, 2026, 09:06 PM