mcp-builder

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill appears to be a coherent MCP-server development guide; its main cautions are live external documentation and possible use of real service data during evaluations.

This skill is reasonable to install as a development guide. Before using it on real services, verify any fetched documentation, review generated MCP servers for write/destructive actions, and avoid putting private production data into evaluation artifacts.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Evaluation files could accidentally contain private workspace or customer information if the user runs the process against production data.

Why it was flagged

The evaluation process can pull real service content into generated QA/evaluation artifacts, and the answer examples include potentially personal data such as emails, phone numbers, or message strings.

Skill content

Inspect content using READ-ONLY and NON-DESTRUCTIVE operations ONLY ... identify specific content (e.g., users, channels, messages, projects, tasks)

Recommendation

Use staging or non-sensitive sample data where possible, and review/anonymize evaluation questions and answers before sharing or committing them.

What this means

A generated MCP server could create or modify resources in connected services if the builder implements write-capable tools.

Why it was flagged

The guide encourages building MCP tools that may perform state-changing actions in external services. This is aligned with the skill purpose, but generated tools may need confirmation, scoping, and rollback safeguards.

Skill content

build thoughtful, high-impact workflow tools ... `schedule_event` that both checks availability and creates event

Recommendation

Review generated tools before connecting real accounts, especially any create/update/delete operations, and add explicit user confirmation for high-impact actions.

What this means

Generated code or design choices may vary depending on the current state of external documentation.

Why it was flagged

The skill intentionally relies on live, mutable external documentation and web search to guide implementation. That is purpose-aligned, but the fetched content can change over time.

Skill content

Use WebFetch to load: `https://modelcontextprotocol.io/llms-full.txt` ... `https://raw.githubusercontent.com/modelcontextprotocol/python-sdk/main/README.md`

Recommendation

Prefer official sources, verify fetched documentation before relying on it, and pin SDK versions or documentation snapshots when reproducibility matters.