express-mcp-server
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a documentation resource for building secure MCP servers, following the official Model Context Protocol specifications.
- [SAFE]: Explicitly warns against hardcoding secrets and provides best practices for using environment variables and secret management tools like AWS Secrets Manager or HashiCorp Vault.
- [SAFE]: Implements mandatory OAuth 2.1 token validation patterns, including audience, issuer, and signature verification via the Scalekit SDK.
- [SAFE]: Utilizes Zod for type-safe runtime input validation, reducing the risk of malformed data processing in MCP tools.
- [SAFE]: References official and vendor-verified libraries (@modelcontextprotocol/sdk and @scalekit-sdk/node) consistent with the skill's stated purpose.