mcp-server-builder

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate MCP server generator, but it needs review because content from untrusted API specs can be inserted into the generated code without safe escaping.

Install only if you are comfortable reviewing generated server code before running it. Use trusted OpenAPI specs, generate into a dedicated directory, inspect server.py or server.ts, and use least-privilege API tokens for any copied outbound API template.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium (86% confidence)
Finding
The file is labeled as a generic Python MCP server template, but the example actually performs authenticated outbound API calls and acts as a proxy. This mismatch can mislead users into deploying a template with broader trust, data access, and network behavior than expected, increasing the chance of unsafe adoption and accidental credential exposure through downstream use.

Missing User Warnings

Medium (91% confidence)
Finding
The template silently reads API credentials and uses them for authenticated requests without any warning to the user. In a reusable skill/template context, this is dangerous because consumers may incorporate it without realizing it performs privileged outbound actions, which can lead to unintended access to external systems and mishandling of sensitive responses.

VirusTotal

64/64 vendors flagged this skill as clean.