hyperstack-mcp-connector
Pass
Audited by Gen Agent Trust Hub on Jul 7, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The implementation in
references/mcp.tsfetches OpenID Connect (OIDC) configuration and user identity details from Clerk's official discovery and userinfo endpoints. This is a standard and safe operation for verifying authentication tokens with a well-known service. - [COMMAND_EXECUTION]: The setup instructions in
references/setup-and-gotchas.mdrecommend standard CLI commands for managing the development environment, such asnpm installfor dependency management andnpx convex deployfor platform deployment. - [DATA_EXFILTRATION]: The
resolveClerkIdentityfunction inreferences/mcp.tssends the user's OAuth access token to the Clerk authentication server. This is the intended behavior for identity resolution and is restricted to the specific, user-configured authentication provider. - [SAFE]: The skill enforces several security best practices, including mandatory authentication (
requireAuth: true), CORS header protection for session security, and the use of Convexinternalfunctions for database operations to ensure that tools can only be invoked through the secure gateway and not directly by external clients.
Audit Metadata