pi-mcp-adapter

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
  • [UNVERIFIABLE_DEPENDENCIES_AND_REMOTE_CODE_EXECUTION]: The skill installs the main adapter and various MCP servers (such as the GitHub and Filesystem servers) from the NPM registry using 'pi install' and 'npx'. These references target standard packages and well-known technology providers.
  • [DYNAMIC_EXECUTION]: Core functionality involves dynamically loading and executing tool definitions from external servers, which is the intended purpose of an MCP adapter.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: Configuration examples include management of API tokens and access keys via environment variable interpolation (${VAR}), which avoids hardcoding sensitive credentials.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests data from external tools and servers. While this presents a potential attack surface, it is a standard characteristic of agents that interact with external data, and the skill does not introduce unique vulnerabilities.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 05:46 PM
Security Audit — agent-trust-hub — pi-mcp-adapter