add-webmcp-tools
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Finding categories: EXTERNAL_DOWNLOADS, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill directs the agent to install webmcp-kit and zod via npm. While these are standard packages for this workflow, they are external dependencies not listed in the trusted sources.
- PROMPT_INJECTION (LOW): The skill translates user requests into tool logic, creating an attack surface for Indirect Prompt Injection (Category 8).
  1. Ingestion points: User instructions for tool behavior.
  2. Boundary markers: None explicitly defined.
  3. Capability inventory: npm installation, codebase searching with ripgrep, and file modification.
  4. Sanitization: The skill correctly mandates Zod schema validation for all generated tool inputs.
- COMMAND_EXECUTION (SAFE): Uses the ripgrep (rg) utility to search for tool definitions in the src directory, which is a standard read-only development operation.
Audit Metadata