cve-mcp-server-security-intelligence

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the cve-mcp-server package from PyPI or clone the source code from a GitHub repository (github.com/mukul975/cve-mcp-server.git). This is the intended delivery mechanism for the Model Context Protocol server functionality.
  • [COMMAND_EXECUTION]: The installation and configuration process involves running standard shell commands to install Python packages and execute the server locally via the python -m cve_mcp_server command.
  • [SAFE]: The skill demonstrates security-conscious design by implementing input validation using Pydantic schemas, blocking queries to private IP addresses to prevent internal network scanning, and utilizing outbound-only HTTPS requests for all API interactions.
Audit Metadata
Risk Level: SAFE
Analyzed: May 16, 2026, 08:49 PM