mcp-security-hardening
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): The skill provides defensive patterns to detect and sanitize injection attempts in tool descriptions. It does not contain any malicious instructions or bypass attempts itself.
- [Data Exposure & Exfiltration] (SAFE): The provided code snippets include a CapabilityEnforcer that explicitly identifies and blocks access to sensitive system paths such as /etc/passwd, ~/.ssh, and .env files. There are no hardcoded credentials or unauthorized network operations.
- [Remote Code Execution] (SAFE): No remote code execution patterns, untrusted downloads, or dynamic code evaluation (eval/exec) were found. The Python snippets use standard libraries for hashing and regex operations.
- [Indirect Prompt Injection] (SAFE): The skill identifies tool descriptions as a primary attack surface (Indirect Prompt Injection) and implements mitigation strategies, including hash-based tool allowlisting to prevent 'rug pull' attacks and regex-based description sanitization.
- [Persistence Mechanisms] (SAFE): No attempts to modify system profiles, cron jobs, or startup scripts were detected.
Audit Metadata