openrouter

Fail

Audited by Socket on Mar 12, 2026

2 alerts found:

Obfuscated File, Anomaly

Obfuscated File: HIGH
SKILL.md

The OpenRouter Documentation Skill presents a coherent, documentation-focused tool that maps to its stated purpose of providing API usage references and guidance. Its footprint—reading and conveying API details, standard REST interactions, and SDK references—remains proportionate and appropriate for developers integrating OpenRouter. No harmful data flows or credential harvesting patterns are evident. Guardrails around API key handling should be followed (avoid embedding keys in samples). Overall, the skill is BENIGN with respect to security posture, though standard credential hygiene considerations apply.

Confidence: 98%

Anomaly: LOW
references/guides/guides/mcp-servers.md

This code is not obviously malicious on its own (no built-in exfiltration logic, no obfuscation), but it contains high-risk operations and insecure defaults: it auto-installs/runs an npm package via npx, exposes local filesystem directories to an MCP filesystem server, and forwards file contents to an external OpenRouter/OpenAI service. These behaviors can easily be abused by a malicious or compromised MCP server package to exfiltrate sensitive files or execute arbitrary code. Treat this example as potentially dangerous in real deployments unless the server binary is verified, allowed directories are restricted, and outputs are inspected/redacted before being sent to remote providers.

Confidence: 85%
Severity: 65%

Audit Metadata

Analyzed At: Mar 12, 2026, 08:02 AM
Package URL: pkg:socket/skills-sh/bbssppllvv%2Fessential-skills%2Fopenrouter%2F@5efb90bbea10d459a23b35676dda8df91a67b250