mcp-query-router

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE
Tags: COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the rw CLI to perform operations such as rw company, rw chain, and rw macro. It also supports a generic rw call command for direct tool invocation.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: The skill references a specific local file path (~/Max/research-warehouse/docs/query-guide.md) for validating its parameter schema.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes user research requests to route queries, creating a surface where malicious input could influence tool parameters.
  • Ingestion points: User requests are mapped to tool domains and parameters in SKILL.md.
  • Boundary markers: No explicit delimiters or guardrail instructions are provided to isolate user-supplied strings within the CLI arguments.
  • Capability inventory: The skill can execute multiple shell commands via the rw utility, which acts as a gateway to financial data tools.
  • Sanitization: The skill includes a 'Parameter Precheck' step that normalizes ticker symbols and validates enum values for specific fields.
  • [EXTERNAL_DOWNLOADS]: The documentation provides instructions to configure the CLI using an external MCP gateway URL (https://your-mcp-gateway.example.com).
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 8, 2026, 02:33 PM