mcp-server-craft

Pass

Audited by Gen Agent Trust Hub on May 21, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [SAFE]: The skill serves as a purely assistive and educational resource for developers building MCP servers. It provides architectural patterns, tool design principles, and hardening strategies without implementing any malicious logic or dangerous instructions.
  • [EXTERNAL_DOWNLOADS]: The skill references documentation and design guidelines from trusted organizations, specifically AWS Labs and the official Model Context Protocol repository. These external references are used to provide authoritative context for the skill's instructional content.
  • [COMMAND_EXECUTION]: Contains code snippets illustrating how to implement security controls in custom servers. These include Python examples of AST scanning to detect dangerous calls such as exec or subprocess.Popen, and path validation logic to prevent directory traversal. They are defensive coding patterns intended for educational purposes and are not executed by the skill itself.
Audit Metadata
Risk Level: SAFE
Analyzed: May 21, 2026, 12:03 PM
Security Audit — agent-trust-hub — mcp-server-craft