
react-mcp

Pass

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The documentation references downloading UI configurations from https://r.assistant-ui.com/mcp-config.json. This is an official resource from the vendor used for component distribution.
  • [DATA_EXFILTRATION]: The skill describes using McpLocalStorage for persisting authentication tokens. It includes explicit security notes stating that this storage is exposed to XSS and recommends using McpCustomStorage with a secure backend for production environments.
  • [PROMPT_INJECTION]: The skill enables users to connect to third-party MCP servers, creating an inherent surface for indirect prompt injection if a server provides malicious tools.
  • Ingestion points: User-defined URLs in the McpAddFormPrimitive component.
  • Boundary markers: MCP tools are namespaced by server ID (e.g., serverId__toolName).
  • Capability inventory: The skill exposes an API for executing remote tools from connected servers.
  • Sanitization: The documentation does not specify sanitization of tool outputs, relying on host application logic and LLM safety layers.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 12, 2026, 07:43 PM
Security Audit — agent-trust-hub — react-mcp