mcp-builder
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's instructions and code examples align with its stated purpose of assisting in MCP server development. No evidence of prompt injection, data exfiltration, or malicious persistence was found.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface common to developer agents that process external data, though no specific vulnerability was detected.
- Ingestion points: The agent reads project files and execution logs using file system operations and bash commands as part of its development workflow (SKILL.md).
- Boundary markers: Absent; there are no specific instructions to use delimiters or ignore embedded instructions when reading external files.
- Capability inventory: The agent utilizes
bashfor command execution,gitfor version control, and standard file operations (SKILL.md). - Sanitization: No explicit sanitization or validation of ingested content is specified in the instructions.
Audit Metadata