mcp-builder
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches official protocol specifications and SDK documentation from modelcontextprotocol.io and the official modelcontextprotocol GitHub organization. These are well-known and authoritative sources for the technology.
- [COMMAND_EXECUTION]: The evaluation utility in scripts/connections.py supports the stdio transport protocol, which involves executing a local command to start an MCP server. This is a core architectural feature of the protocol for local tool integration and is properly implemented using official SDK methods.
- [INDIRECT_PROMPT_INJECTION]: The evaluation harness in scripts/evaluation.py processes test questions from external XML files. The prompt implementation for the testing agent utilizes specific boundary markers and XML tags to guide the model's output and manage the data ingestion surface effectively.