mcp-builder

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE
Findings: DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill provides instructions for identifying and accessing local configuration files for AI coding tools (e.g., Claude Code, Cursor, Windsurf, Cline, IntelliJ). These paths (such as ~/.claude.json and mcp_settings.json) are sensitive as they contain tool configurations.
  • [PROMPT_INJECTION]: The skill's instructions involve reading content from local memory files and remote documentation using a broad set of capabilities (Bash, WebFetch, Read/Write), creating a surface for indirect prompt injection.
      • Ingestion points: SKILL.md (local memory files, protocol documentation URLs)
      • Boundary markers: Absent
      • Capability inventory: Read, Write, Edit, Bash, Glob, Grep, WebFetch, as defined in the SKILL.md frontmatter
      • Sanitization: Absent
  • [EXTERNAL_DOWNLOADS]: Fetches documentation and recommends using official packages from the @modelcontextprotocol organization, which is a well-known organization for this protocol.
  • [SAFE]: The provided scripts and hooks (main.cjs, pre-execute.cjs, post-execute.cjs) are standard scaffolds or lifecycle handlers that do not contain malicious code.
Audit Metadata
Risk Level: SAFE
Analyzed: May 20, 2026, 08:28 AM
Security Audit — agent-trust-hub — mcp-builder