mcp-troubleshooting
Warn
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill recommends executing commands with elevated privileges using sudo to modify file ownership. This is a common but high-privilege troubleshooting step.
  - Evidence in SKILL.md: sudo chown -R $(whoami) ~/.npm
  - Evidence in references/debugging-strategies.md: sudo chown -R $(whoami) /usr/local/lib/node_modules
- [REMOTE_CODE_EXECUTION]: Promotes the execution of installation scripts directly from the vendor's GitHub repository.
  - Evidence in references/installation-guide.md: curl -fsSL https://raw.githubusercontent.com/j0kz/mcp-agents/main/install-all.sh | bash
  - Evidence in references/installation-guide.md: irm https://raw.githubusercontent.com/j0kz/mcp-agents/main/install-all.ps1 | iex
  - Note: These scripts originate from the vendor's official repository and are treated as vendor resources.
- [EXTERNAL_DOWNLOADS]: Fetches installation scripts and packages from external sources like GitHub and the npm registry.
  - Evidence: npx @j0kz/mcp-agents@latest and references to github.com/j0kz/mcp-agents/
- [DATA_EXFILTRATION]: Accesses local configuration files that could potentially contain sensitive data or environment variables used by the tools.
  - Evidence: cat ~/.config/claude/mcp-servers-config.json in SKILL.md
- [PROMPT_INJECTION]: Presents an attack surface for indirect prompt injection via the processing of untrusted log file data during debugging activities.
  - Ingestion points: references/debugging-strategies.md suggests reading and tailing log files such as mcp-*.log.
  - Boundary markers: Absent.
  - Capability inventory: Shell command execution via npx, curl, and sudo.
  - Sanitization: Absent.
Audit Metadata