mcp2cli-api-to-cli

Warn

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE, DATA_EXFILTRATION, REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute arbitrary local commands through the --mcp-stdio flag, which spawns a subprocess (for example an npx package or a custom script) and drives it over stdin/stdout.
  • [EXTERNAL_DOWNLOADS]: The skill guides the agent to install the mcp2cli tool from external registries (NPM and PyPI) and potentially from unverified GitHub repositories.
  • [CREDENTIALS_UNSAFE]: The documentation describes passing authentication secrets to the tool by reading them from local files (e.g., file:/run/secrets/client_secret) or from environment variables (e.g., env:API_TOKEN). The env: form exposes the secret to any process that can read the tool's environment, including the subprocesses it spawns.
  • [DATA_EXFILTRATION]: By facilitating connections to arbitrary remote URLs with custom authentication headers, the skill gives the agent a channel for transmitting data to external endpoints.
  • [REMOTE_CODE_EXECUTION]: The bake install feature lets the agent create and install executable wrapper scripts in a directory on the user's binary search path (such as ~/.local/bin/). This gives generated code a persistent foothold: whatever the wrapper contains runs every time the user invokes it, after the agent session that created it has ended.
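As an added practitioner check (not part of this audit, and not mcp2cli's own code), the POSIX shell script below lists executable scripts in user-writable PATH directories, plus ~/.local/bin, that reference mcp2cli, the --mcp-stdio flag, npx, or file:/env: secret references, so anything a bake install left behind can be inspected before it is trusted. The fixture directory, the wrapper name weather-cli and its argument layout are constructed for the demo and do not reflect mcp2cli's real command syntax; the script file name audit-path-wrappers.sh is likewise hypothetical.

```shell
#!/bin/sh
# Added example for reviewers, not part of the Gen Agent Trust Hub audit or of mcp2cli.
# Lists executable scripts in user-writable PATH directories (including ~/.local/bin)
# that reference mcp2cli, the --mcp-stdio flag, npx, or file:/env: secret references,
# so wrappers left behind by "bake install" can be inspected before they are trusted.
set -eu

# scan_wrappers DIR...: for every executable shebang script in DIR that matches,
# print "<path><TAB><comma-separated reasons>". Non-matching files print nothing.
scan_wrappers() {
  for dir in "$@"; do
    [ -d "$dir" ] || continue
    for f in "$dir"/*; do
      [ -f "$f" ] && [ -x "$f" ] || continue
      # Only look inside text scripts (first two bytes are a shebang); skip binaries.
      head -c 2 "$f" 2>/dev/null | grep -q '^#!' || continue
      reasons=""
      if grep -q 'mcp2cli' "$f"; then reasons="${reasons}mcp2cli,"; fi
      if grep -q -e '--mcp-stdio' "$f"; then reasons="${reasons}mcp-stdio,"; fi
      if grep -Eq '(^|[^[:alnum:]_])npx([^[:alnum:]_]|$)' "$f"; then reasons="${reasons}npx,"; fi
      if grep -Eq '(^|[^[:alnum:]_])(file|env):[A-Za-z0-9_/.-]+' "$f"; then reasons="${reasons}secret-ref,"; fi
      if [ -n "$reasons" ]; then printf '%s\t%s\n' "$f" "${reasons%,}"; fi
    done
  done
  return 0
}

# user_writable_path_dirs: print each existing PATH entry the current user can write to.
# These are the directories an agent could drop a wrapper into without extra privileges.
user_writable_path_dirs() {
  printf '%s\n' "$PATH" | tr ':' '\n' | while IFS= read -r d; do
    if [ -n "$d" ] && [ -d "$d" ] && [ -w "$d" ]; then printf '%s\n' "$d"; fi
  done
  return 0
}

# make_fixture: build a constructed sample directory and print its path. The wrapper's
# argument layout is illustrative only and is not mcp2cli's real command syntax.
make_fixture() {
  dir=$(mktemp -d)
  cat > "$dir/weather-cli" <<'EOF'
#!/bin/sh
exec mcp2cli --mcp-stdio "npx -y example-mcp-server" --token env:API_TOKEN "$@"
EOF
  # A benign constructed script that must not be reported.
  cat > "$dir/hello" <<'EOF'
#!/bin/sh
echo hello
EOF
  chmod 755 "$dir/weather-cli" "$dir/hello"
  printf '%s\n' "$dir"
}

# Usage: sh audit-path-wrappers.sh --scan   (check the real PATH and ~/.local/bin)
#        sh audit-path-wrappers.sh --demo   (run against the constructed fixture)
case "${1:-}" in
  --scan)
    { user_writable_path_dirs; printf '%s\n' "${HOME:-}/.local/bin"; } | sort -u |
      while IFS= read -r d; do scan_wrappers "$d"; done
    ;;
  --demo)
    fixture=$(make_fixture)
    scan_wrappers "$fixture"
    rm -rf "$fixture"
    ;;
esac
```

Run it with --scan on the machine where the skill was used and read every reported wrapper by hand; a hit on secret-ref means a token reference is baked into a script that anyone with read access to that directory can see.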
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 16, 2026, 06:22 PM
Security Audit — agent-trust-hub — mcp2cli-api-to-cli