mcp-client
Audited by Socket on Feb 15, 2026
1 alert found:
Malware [Skill Scanner]: Installation of third-party script detected

No explicit malicious code is present in the provided skill documentation. The component behaves as a connector/orchestration utility: it reads config, enumerates tools, and invokes them via network or local subprocesses. The primary security concerns are operational: storing API keys in predictable files, trusting config-controlled endpoints (credential exfiltration risk), and allowing arbitrary subprocess execution via configured commands (remote code execution risk if config is tampered). Treat this package as needing operational controls: restrict config file access, validate endpoints/commands before use, and prefer secure secret storage. With those mitigations, the tool can be used safely for its intended purpose.

LLM verification: The skill is conceptually legitimate (a universal MCP client). It is not demonstrably malicious from the provided documentation, but it contains multiple supply-chain and credential-exposure risks: unpinned dependencies, execution of npm packages via npx, storage of API keys in plaintext JSON, and acceptance of arbitrary URLs/commands without validation. These allow realistic credential exfiltration and remote code execution if an attacker can influence config or package sources. Recommended mit