releases-mcp

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is a standard tool definition for searching and retrieving software release information from a dedicated MCP service (Releases.sh). It does not contain executable code or dangerous system commands.
  • [DATA_EXFILTRATION]: No patterns of sensitive data access or unauthorized exfiltration were identified. The skill interacts with public software registry data.
  • [PROMPT_INJECTION]: The instructions do not contain any patterns attempting to override agent behavior, bypass safety guardrails, or leak system prompts.
  • [REMOTE_CODE_EXECUTION]: No remote code execution patterns, such as piping network downloads to a shell or installing untrusted dependencies, were found.
  • [COMMAND_EXECUTION]: The skill uses a defined set of MCP tools for data retrieval and does not invoke arbitrary shell commands or perform high-risk system operations.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 11:19 PM
Security Audit — agent-trust-hub — releases-mcp