Skills
skills/ian-pascoe/dotfiles/mcporter/Gen Agent Trust Hub

mcporter

Warn

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFEDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the mcporter CLI, which supports the execution of shell commands via the --stdio flag (e.g., mcporter call --stdio "bun run ./server.ts" scrape). It also includes commands to manage a background daemon process using mcporter daemon start and mcporter daemon stop.
  • [EXTERNAL_DOWNLOADS]: The skill configuration specifies the installation of the mcporter Node.js package and provides functionality to interact with tools hosted at external URLs (e.g., mcporter call https://api.example.com/mcp.fetch).
  • [CREDENTIALS_UNSAFE]: The CLI includes dedicated commands for handling server authentication and configuration, such as mcporter auth and mcporter config login/logout, which are designed to manage sensitive access tokens and credentials.
  • [DATA_EXFILTRATION]: The tool facilitates network operations to communicate with remote MCP servers, which could be used to transmit data to external domains during tool invocation or schema fetching.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 29, 2026, 03:29 AM