mpp-client-fetch

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references the mppx package from the NPM registry and suggests fetching documentation from official sources, including mpp.dev and Stripe-related samples on GitHub. These are standard informational references for the library's functionality.
  • [COMMAND_EXECUTION]: Provides usage examples for the mppx CLI tool via npx, which is a standard method for executing Node.js-based developer tools.
  • [CREDENTIALS_UNSAFE]: The skill includes positive security guidance by explicitly instructing users to use environment variables (e.g., process.env.WALLET_PRIVATE_KEY) for managing sensitive wallet keys and tokens, rather than hardcoding them in scripts.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 02:51 PM
Security Audit — agent-trust-hub — mpp-client-fetch