Skills
skills/arenukvern/mcp_flutter/flutter-mcp-cli-runtime-validation/Gen Agent Trust Hub

flutter-mcp-cli-runtime-validation

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the local script mcp_server_dart/bin/flutter_mcp_toolkit.dart via dart run to perform validation tasks and manage system permissions.
  • [SAFE]: The skill captures screenshots and application layout metadata for QA purposes and saves them to the local directory .flutter_mcp/runtime_validation without performing external network exfiltration.
  • [PROMPT_INJECTION]: The skill ingests application-generated content (error logs and layout details), creating an attack surface for indirect prompt injection.
  • Ingestion points: ext.mcp.toolkit.app_errors and ext.mcp.toolkit.view_details (SKILL.md)
  • Boundary markers: None present in the provided instructions
  • Capability inventory: CLI execution (dart run) and local file system write access (SKILL.md)
  • Sanitization: No explicit sanitization or filtering of application data is described
Audit Metadata
Risk Level
SAFE
Analyzed
May 12, 2026, 12:43 AM
Security Audit — agent-trust-hub — flutter-mcp-cli-runtime-validation