webmcp
Pass
Audited by Gen Agent Trust Hub on Jun 28, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill contains no evidence of malicious intent, data exfiltration, or prompt injection. All instructions and scripts are consistent with the stated purpose of assisting developers with the WebMCP API integration.
- [COMMAND_EXECUTION]: The skill includes a local utility script
scripts/find-webmcp-targets.mjsand instructs the agent to execute it using Node.js. This script is designed to inventory frontend files and WebMCP indicators within the local workspace. The script's logic is restricted to read-only file system operations and does not perform network requests or dynamic code execution.
Audit Metadata