mcporter
Warn
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill relies on `npx --yes mcporter` to fetch and execute the MCPorter CLI from the npm registry if it is not already installed. This occurs in the `run_mcporter` function within `scripts/mcporter.sh`.
- [COMMAND_EXECUTION]: The script `scripts/mcporter.sh` uses a Python inline script to execute shell commands via `subprocess.run()`. This pattern is used to implement a timeout mechanism for the MCP tool calls.
- [DATA_EXPOSURE]: The skill's primary purpose is to discover and interact with MCP server configurations from various sources like OpenCode, Cursor, and Claude. This involves reading local configuration files (e.g., `./config/mcporter.json`) which may contain sensitive connection details or tool definitions.
- [INDIRECT_PROMPT_INJECTION]: The skill acts as a bridge to external MCP tools. Since it can call arbitrary tools with user-provided arguments (e.g., `firecrawl.scrape url=https://example.com`), it provides a surface where untrusted data from the internet could be ingested into the agent's context through the output of those tools.
Audit Metadata