netlify-mcp-servers

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [SAFE]: No malicious patterns or security vulnerabilities were detected in the skill instructions or code snippets. The skill is authored by the platform vendor (Netlify) and uses appropriate security primitives.
  • [EXTERNAL_DOWNLOADS]: Recommends the use of official and well-known libraries: @modelcontextprotocol/sdk (the official SDK for the Model Context Protocol) and zod (a industry-standard schema validation library).
  • [COMMAND_EXECUTION]: Instructs the user to use standard development and deployment tools including the Netlify CLI (netlify dev, netlify deploy) and openssl for local secret generation.
  • [DATA_EXFILTRATION]: Demonstrates secure handling of authentication tokens. It uses the node:crypto module's timingSafeEqual function to mitigate timing attacks and emphasizes storing sensitive tokens in Netlify's encrypted environment variables rather than hardcoding them.
  • [PROMPT_INJECTION]: Addresses potential indirect prompt injection vulnerabilities by recommending zod for strict input validation and providing guidance on using tool descriptions to enforce human-in-the-loop confirmation for sensitive actions.
  • Ingestion points: Tool handlers in SKILL.md (e.g., get_item) receive input arguments directly from the AI client's request.
  • Boundary markers: The skill advises using tool descriptions to set behavioral boundaries for the AI agent, such as requiring explicit user confirmation before executing a tool.
  • Capability inventory: The code provides a framework for creating serverless tools that can execute arbitrary logic (e.g., database reads in getItem) within the Netlify Functions environment.
  • Sanitization: Implements zod schema validation for all tool inputs to ensure only expected data types and structures are processed.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 02:34 PM
Security Audit — agent-trust-hub — netlify-mcp-servers