agentation
Warn
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill initiates the installation of the
agentationpackage and the execution ofagentation-mcpvia npx. These packages are retrieved from public registries and are not from the defined list of Trusted External Sources. - [COMMAND_EXECUTION] (MEDIUM): The skill executes multiple shell commands including
npm install,claude mcp list, andclaude mcp add. These commands modify the local project environment and the agent's configuration. - [Persistence Mechanisms] (MEDIUM): By running
claude mcp add agentation -- npx agentation-mcp server, the skill establishes a persistence mechanism where theagentation-mcpcode is executed every time the Claude Code environment is initialized. While this is part of the intended setup, it represents a high-privilege persistent operation.
Audit Metadata