mcp-builder

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: No attempts to bypass safety filters or override agent instructions were found. The instructions in the markdown files and scripts are focused on guiding the user through the MCP server development lifecycle.
  • [DATA_EXFILTRATION]: No hardcoded credentials or unauthorized network operations were detected. The skill correctly instructs users to use environment variables for sensitive API keys. Network connections are limited to the official Anthropic API and the MCP servers being tested.
  • [REMOTE_CODE_EXECUTION]: The skill does not download or execute arbitrary code from untrusted sources. It correctly references official documentation and SDKs from the Model Context Protocol's well-known GitHub repositories for reference purposes.
  • [COMMAND_EXECUTION]: The evaluation harness (scripts/evaluation.py) is designed to run local MCP servers via standard input/output (stdio) for testing. This is a standard and documented use case of the Model Context Protocol. The commands and arguments are provided as user input during the tool's execution.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes evaluation files (XML format) containing user-defined questions. While this is an ingestion point for untrusted data, it is fundamental to the purpose of a test harness. The evaluation script uses structured XML tags (<summary>, <feedback>, <response>) as boundary markers to help manage the agent's behavior and separate instructions from content.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 1, 2026, 03:42 AM
Security Audit — agent-trust-hub — mcp-builder