webmcp-context-provider
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructions direct the agent to fetch documentation and specifications from the Web Machine Learning Community Group's GitHub Pages site (https://webmachinelearning.github.io/webmcp/). This is a well-known technical resource for the API being implemented.
- [PROMPT_INJECTION]: The skill architecture facilitates providing contextual metadata to an agent, which creates a surface for indirect prompt injection.
- Ingestion points: Data provided via the
metadataobject in thenavigator.modelContext.provideContextmethod calls (SKILL.md). - Boundary markers: The provided code examples and instructions do not specify the use of delimiters or 'ignore embedded instructions' warnings for the metadata field.
- Capability inventory: The skill allows access to high-privilege capabilities including
Bash,Write,Edit, andWebFetchas defined in theallowed-toolssection. - Sanitization: No specific sanitization or validation logic is described for the content of the
metadataobject before it is passed to the agent context.
Audit Metadata