rfc-lookup

Fail

Audited by Socket on Mar 6, 2026

1 alert found:

Obfuscated File (HIGH)
SKILL.md

The described skill is functionally benign in intent (RFC lookup and search). However, the runtime design delegates execution to an unpinned, remotely fetched npm package invoked via npx and to an environment-specified MCP_CALL wrapper. That combination creates a measurable supply-chain and execution risk: if the npm package, the npm registry account, or the MCP_CALL wrapper is compromised or malicious, arbitrary code execution and data exfiltration are possible. There is no direct evidence of embedded malware or hard-coded secrets in this file. Recommendations: avoid runtime npx installs of unpinned packages; pin package versions (and preferably checksums), vendor a vetted client or call a known RFC HTTP API directly, and validate the MCP_CALL wrapper binary or remove the indirection. Inspect the @mjpitz/mcp-rfc package source and the MCP_CALL implementation before running in sensitive environments.

Confidence: 98%
Audit Metadata

Analyzed At: Mar 6, 2026, 12:34 AM

Package URL: pkg:socket/skills-sh/automateyournetwork%2Fnetclaw%2Frfc-lookup%2F@4560a4b6572d6168e394bdac2692c009fe121206