nextjs-devtools

[Skill Scanner] Credential file access detected All findings: [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] No explicit malicious code is present in the provided skill documentation. However, the runtime model (invoking `npx next-devtools-mcp@latest`, starting an MCP server, and lack of documented endpoints or sandboxing) introduces supply-chain and data-exfiltration risks: code downloaded at runtime could be malicious, and project files/configs could be sent to unspecified MCP endpoints. Recommend treating the skill as suspicious until the package source, publisher identity, pinned versions/checksums, and MCP broker endpoints are verified; run it in an isolated environment and inspect the package contents before use. LLM verification: Functional behavior appears consistent with the stated purpose (inspecting Next.js projects). The main security concern is the workflow that runs remote, unpinned code via npx with filesystem and network capability and lacks transparency about endpoints or file access whitelist. This creates a supply-chain/data-exfiltration risk rather than immediate evidence of malware. Recommended actions: audit the package source (repo and published package), pin to a known-good release or vendor-provided che