new-sep

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes various local commands including npm run build, node, gh api, and rg to manage the project's conformance testing infrastructure.
  • [EXTERNAL_DOWNLOADS]: Fetches pull request diffs and file content from the modelcontextprotocol repository on GitHub to populate traceability documentation.
  • [PROMPT_INJECTION]: The skill processes untrusted external data from pull request specifications, creating a surface for indirect prompt injection.
  • Ingestion points: Retrieves pull request patches and file content from GitHub via the gh api command in Step 3.
  • Boundary markers: The instructions do not specify the use of boundary markers or delimiters when processing the extracted specification text.
  • Capability inventory: The agent can execute local shell commands (Steps 0, 2, 3, 8) and perform file system writes (Step 7).
  • Sanitization: There is no evidence of sanitization or filtering of the remote specification text before it is analyzed and written to the YAML output.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 20, 2026, 05:33 PM
Security Audit — agent-trust-hub — new-sep