The Agent Skills Directory

[SAFE]: The skill provides templates and documentation for developing MCP servers. It includes a security-focused 'Pre-Deploy Checklist' that explicitly warns against hardcoding secrets and using untrusted dependency sources.
[COMMAND_EXECUTION]: Shell commands provided in the documentation (e.g., pip install, fastmcp dev, git push) are standard development workflows intended for manual execution by the user to scaffold, test, and deploy their servers.
[EXTERNAL_DOWNLOADS]: The skill references standard, well-known Python packages in requirements.txt and pyproject.toml (such as fastmcp, httpx, pydantic, and cryptography) which are appropriate for the tool's purpose. It also provides patterns for interacting with external APIs via httpx, which are gated by user-provided environment variables.
[DATA_EXFILTRATION]: No unauthorized data collection or exfiltration patterns were detected. The use of psutil in some templates is documented for the specific purpose of providing system health checks (CPU, memory, and disk usage) within the MCP resource model.
[INDIRECT_PROMPT_INJECTION]: As a development tool, the skill defines an attack surface by creating interfaces (tools and resources) that ingest external data. However, it incorporates safety measures such as Pydantic validation and provides guidelines for handling errors and sanitizing outputs.

mcp-builder