agent-tool-routing

Pass

Audited by Gen Agent Trust Hub on Jun 27, 2026

Risk Level: SAFENO_CODE
Full Analysis
  • [SAFE]: The skill is primarily instructional and educational, providing a framework for managing a large number of tools using a router pattern.
  • [NO_CODE]: The skill contains no executable scripts or commands. All provided code is intended for reference and documentation purposes within the markdown body.
  • [INDIRECT_PROMPT_INJECTION]: The skill describes an architectural pattern where tool definitions (metadata and schemas) are dynamically discovered from external MCP (Model Context Protocol) servers. While this introduces a potential surface for indirect prompt injection if an MCP server provides malicious tool descriptions, the skill is focused on the structural implementation of the router rather than being a vulnerable executable itself.
  • Ingestion points: c.list_tools() from an MCP server URL.
  • Boundary markers: None specified in the reference snippets.
  • Capability inventory: The pattern includes a tool execution capability via cur.invoke(args).
  • Sanitization: Not explicitly addressed in the high-level architectural snippets.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 27, 2026, 04:56 PM
Security Audit — agent-trust-hub — agent-tool-routing