mcp-installer

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH (REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • REMOTE_CODE_EXECUTION (HIGH): The skill is designed to find and configure npx commands taken from untrusted GitHub repositories. Running npx -y [package]@latest downloads and executes the package's code immediately, with no verification of package integrity or author reputation, so an attacker could distribute a malicious MCP server this way.
  • COMMAND_EXECUTION (HIGH): The skill modifies the ~/.claude.json configuration file. This file defines tools that the agent can execute. By adding entries to the mcpServers section, the skill creates a persistent execution vector on the user's machine.
  • EXTERNAL_DOWNLOADS (MEDIUM): The workflow involves searching GitHub and fetching repository contents (READMEs) to extract installation strings. It treats third-party, potentially adversarial content as authoritative instructions for system configuration.
  • DATA_EXFILTRATION (MEDIUM): The skill requires permissions to read and write ~/.claude.json. This file often contains sensitive environment variables, authentication tokens, and API keys for other tools. An automated process modifying this file could inadvertently expose or corrupt these secrets.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 17, 2026, 06:22 PM