mcporter

Warn

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The mcporter CLI includes a --stdio flag that enables the execution of arbitrary shell commands (e.g., bun run ./server.ts). This allows the agent to spawn local processes based on user or server-provided strings.
  • [EXTERNAL_DOWNLOADS]: The skill's metadata specifies the installation of the mcporter package from the Node.js registry. Additionally, the call command supports interacting with remote HTTP MCP servers, leading to external network requests.
  • [REMOTE_CODE_EXECUTION]: The tool includes features for code generation (generate-cli and emit-ts), which create executable CLI wrappers or TypeScript types based on remote server schemas. This could lead to the creation and execution of malicious code if a remote server provides a compromised schema.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from remote MCP servers that are then processed by the agent.
      • Ingestion points: Data enters the agent's context through mcporter list <server> --schema and the results of mcporter call <server.tool>.
      • Boundary markers: No specific delimiters or instructions to ignore embedded commands are documented for the output of these tools.
      • Capability inventory: The tool can execute shell commands via --stdio, perform network operations via HTTP tools, and write files via the generate-cli command.
      • Sanitization: There is no evidence of validation or sanitization of the schemas or data returned by external MCP servers before they are used to influence agent behavior or generate code.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 6, 2026, 04:19 PM