The Agent Skills Directory

[Indirect Prompt Injection] (LOW): The skill defines a workflow where the agent fetches and processes untrusted external data, creating an attack surface for indirect prompt injection. \n- Ingestion points: Phase 1.2 and 1.4 instruct fetching content from modelcontextprotocol.io, raw.githubusercontent.com, and external API documentation. \n- Boundary markers: Absent. There are no instructions to delimit external content or ignore embedded commands. \n- Capability inventory: The skill allows the agent to execute npm run build, npx @modelcontextprotocol/inspector, and python -m py_compile. \n- Sanitization: Absent. External documentation is processed directly to guide code generation. \n- [External Downloads] (LOW): The skill references documentation and SDKs from modelcontextprotocol.io and GitHub repositories that are not on the explicitly trusted list. \n- [Command Execution] (LOW): The skill involves the execution of build and inspection commands (npm, npx, python) on code that may have been influenced by external, untrusted documentation.

mcp-builder