pal-mcp-server-multi-model-orchestration
Fail
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: HIGH
Findings: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill's configuration and installation instructions execute code directly from a non-trusted repository (github.com/BeehiveInnovations/pal-mcp-server.git) using the `uvx` command with a shell loop in the MCP configuration.
- [COMMAND_EXECUTION]: The `clink` tool is explicitly designed to spawn external CLI subagents (such as Gemini CLI, Codex CLI, and Claude Code) on the local host. This capability provides a bridge to execute arbitrary system commands via these third-party tools.
- [EXTERNAL_DOWNLOADS]: The documentation encourages users to clone a repository from an unverified source and execute an automated setup script (`./run-server.sh`) that handles configuration and API key management.
- [CREDENTIALS_UNSAFE]: The skill requires the input and storage of multiple sensitive API keys (Gemini, OpenAI, OpenRouter, xAI, Azure OpenAI) as environment variables or in `.env` files to function.
Recommendations
- AI detected serious security threats
Audit Metadata