mcp-health-checker

Warn

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION)
Full Analysis
  • [COMMAND_EXECUTION]: The script check.py utilizes subprocess.Popen to run commands and arguments defined in MCP configuration files (e.g., mcp.yaml, mcp.json). This occurs in the probe_stdio_server function during health probes.
  • [EXTERNAL_DOWNLOADS]: For servers using the HTTP transport, the probe_http_server function in check.py performs network requests using urllib.request.urlopen to URLs specified in the user's configuration files.
  • [REMOTE_CODE_EXECUTION]: Because the skill executes programs and parameters taken directly from external configuration files, it creates a path to code execution. If an attacker or a malicious process modifies the configuration files the skill reads, they can execute arbitrary code with the agent's permissions.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data from external sources.
      • Ingestion points: Reads MCP server definitions and environment variables from ~/.openclaw/config/mcp.yaml and related paths; processes stdout from probed subprocesses in check.py.
      • Boundary markers: Absent; the skill does not use delimiters or instructions to ignore embedded commands in the processed data.
      • Capability inventory: Includes subprocess.Popen for command execution and urllib.request for network operations.
      • Sanitization: None; commands, arguments, and URLs from the configuration are used directly without validation or escaping.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 21, 2026, 05:55 AM