delete-mcp

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses curl via the Bash tool to interact with a LiteLLM proxy. This is used to retrieve lists of servers and send delete requests to the /v1/mcp/server endpoint.
  • [SAFE]: The skill is a standard administrative tool from a known vendor (BerriAI). It requires an API key for authentication but does not hardcode any credentials; instructions for secret management are consistent with best practices using environment variables.
  • [PROMPT_INJECTION]: The skill processes data from external API responses when listing servers.
      • Ingestion points: API response from GET /v1/mcp/server in SKILL.md.
      • Boundary markers: Not present.
      • Capability inventory: Bash(curl:*) for API interaction in SKILL.md.
      • Sanitization: Relies on the agent's parsing and mandatory user confirmation before performing deletions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 3, 2026, 10:35 PM