review-mcp-use-code
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
COMMAND_EXECUTION
REMOTE_CODE_EXECUTION
EXTERNAL_DOWNLOADS
PROMPT_INJECTION
DATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The documentation describes the use of StdioConnector, which allows the agent to execute system commands such as npx, python, or docker to initialize local MCP servers.
- [REMOTE_CODE_EXECUTION]: The skill details a 'code_mode' feature in the MCPClient that supports the runtime execution of Python code strings to interact with discovered tools.
- [EXTERNAL_DOWNLOADS]: The instructions reference the installation of the mcp-use library and LangChain provider packages from public package registries like PyPI and npm.
- [PROMPT_INJECTION]: The skill provides the agent with specific 'AI Derailment Patterns' to identify and mitigate potential prompt injection, logic bypass, or configuration errors in code using mcp-use.
- [DATA_EXFILTRATION]: The documentation explains how to configure network-based connectors (HTTP, SSE, WebSocket) and authentication flows (OAuth, Bearer tokens), which facilitate data exchange with remote servers.
Audit Metadata