mcp-api-key-auth
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill instructions direct the agent to transmit sensitive login credentials (email and password) to a remote API host to obtain authentication tokens.
- [COMMAND_EXECUTION]: Employs shell commands using curl and the Python interpreter to interact with the service and parse JSON-formatted data.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting and processing data from remote usage tracking endpoints.
  - Ingestion points: Usage history and statistics are fetched from /api/mcp-usage/history and /api/mcp-usage/stats.
  - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the workflow.
  - Capability inventory: The skill utilizes network access via curl and data processing via python3.
  - Sanitization: The instructions do not describe any sanitization or validation of the data retrieved from the remote logging service.