agent-tool-routing
Pass
Audited by Gen Agent Trust Hub on Jun 27, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill is primarily instructional and educational, providing a framework for managing a large number of tools using a router pattern.
- [NO_CODE]: The skill contains no executable scripts or commands. All provided code is intended for reference and documentation purposes within the markdown body.
- [INDIRECT_PROMPT_INJECTION]: The skill describes an architectural pattern where tool definitions (metadata and schemas) are dynamically discovered from external MCP (Model Context Protocol) servers. While this introduces a potential surface for indirect prompt injection if an MCP server provides malicious tool descriptions, the skill is focused on the structural implementation of the router rather than being a vulnerable executable itself.
- Ingestion points:
c.list_tools()from an MCP server URL. - Boundary markers: None specified in the reference snippets.
- Capability inventory: The pattern includes a tool execution capability via
cur.invoke(args). - Sanitization: Not explicitly addressed in the high-level architectural snippets.
Audit Metadata