mcp-to-skill
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a legitimate developer tool for transitioning between different agent protocol formats.
- [COMMAND_EXECUTION]: The skill instructions involve running a local Python script (
scripts/analyze_mcp.py) to parse project files and using standard development commands likechmod +xon generated scripts. These are transparent, user-initiated actions consistent with the skill's purpose. - [DATA_EXPOSURE]: The analysis script recursively reads local source files within a user-specified project directory to extract metadata about tools, resources, and prompts. It does not access known sensitive paths (e.g., SSH keys, AWS credentials) and does not perform network operations.
Audit Metadata