community-ff-mcp

Warn

Audited by Socket on Feb 22, 2026

1 alert found:

Anomaly (LOW)
SKILL.md

[Skill Scanner] Skill instructions include directives to hide actions from user.

This is documentation for a legitimate-looking FlutterFlow MCP skill that requires a FLUTTERFLOW_API_TOKEN and instructs installing an MCP component via npx. There is no direct evidence of embedded malicious code in this text, but the operational patterns (unpinned npx install, forwarding of a sensitive API token to an MCP server whose execution/trust model is unspecified, full-project download plus local cache, and remote write capability) create significant supply-chain and credential-exfiltration risk. Treat this skill as suspicious until the MCP server source is audited, installation is pinned/verified, and token usage/execution context is confirmed to be local and trusted.

LLM verification: The skill documentation and tool set are consistent with the stated purpose (programmatic access to FlutterFlow projects). There are no direct signs of embedded malware in the provided SKILL.md text, but there are supply-chain and operational risks: the install instruction uses unpinned npx, which executes remote code, and the docs advise placing an API token in the install command/context (exposure risk). The static scanner’s note about hiding actions is concerning and should be investigated in
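The two operational findings above (an unpinned npx install and a credential carried in the install command) can be checked mechanically before a skill's MCP server is added to a client. The following is an added example written for this page, not code from the audited skill, from FlutterFlow or from Socket. It assumes the common MCP client configuration layout (`mcpServers` mapping a server name to `command`, `args` and `env`); the package name `@example/ff-mcp`, the flag names and the token value in the sample are constructed placeholders, not the skill's real values.

```python
"""Lint MCP server entries for unpinned npx installs and credentials in argv.

Added example (not the audited skill's or Socket's code). Assumes the
mcpServers -> {command, args, env} layout used by common MCP clients.
"""
import json
import re
from typing import Dict, List

# Exact semver pin: "pkg@1.2.3" or "@scope/pkg@1.2.3-beta.1". Ranges (^, ~) and
# bare names fail this check, because they resolve at run time to whatever the
# registry serves, which is the supply-chain exposure the audit describes.
EXACT_PIN = re.compile(
    r"^(?:@[^/@\s]+/)?[^@/\s]+@\d+\.\d+\.\d+(?:[-+][0-9A-Za-z.-]+)?$"
)
# Argument names that usually carry a credential.
SECRET_HINT = re.compile(r"(?i)(token|secret|api[_-]?key|passw(or)?d)")

# Constructed sample config. Package name, flags and token value are placeholders.
SAMPLE_CONFIG = json.loads("""
{
  "mcpServers": {
    "ff-mcp-as-documented": {
      "command": "npx",
      "args": ["-y", "@example/ff-mcp", "--token", "ffp_c0nstructed_value_0000"]
    },
    "ff-mcp-hardened": {
      "command": "npx",
      "args": ["--yes", "@example/ff-mcp@1.4.2"],
      "env": {"FLUTTERFLOW_API_TOKEN": "<supplied by the client, not on argv>"}
    }
  }
}
""")


def npx_package_spec(args: List[str]) -> str:
    """Return the package spec npx would install, or "" if none is present.

    Honours `-p/--package <spec>` and `--package=<spec>`; otherwise npx treats
    the first positional argument as the package.
    """
    for i, a in enumerate(args):
        if a in ("-p", "--package") and i + 1 < len(args):
            return args[i + 1]
        if a.startswith("--package="):
            return a.split("=", 1)[1]
        if not a.startswith("-"):
            return a
    return ""


def secret_args(args: List[str]) -> List[str]:
    """Return argv entries that appear to carry a credential inline.

    Covers `--token VALUE`, `--token=VALUE` and `TOKEN=VALUE`. Anything on argv
    is readable by every local user via `ps` and tends to end up in shell
    history and crash reports, which is the exposure the audit flags.
    """
    hits: List[str] = []
    for i, a in enumerate(args):
        if not SECRET_HINT.search(a):
            continue
        if "=" in a:
            hits.append(a)
        elif i + 1 < len(args) and not args[i + 1].startswith("-"):
            hits.append(f"{a} {args[i + 1]}")
    return hits


def lint_mcp_config(config: Dict) -> Dict[str, List[str]]:
    """Return {server_name: [finding, ...]}; an empty list means no finding."""
    findings: Dict[str, List[str]] = {}
    for name, server in config.get("mcpServers", {}).items():
        issues: List[str] = []
        command = server.get("command", "")
        args = list(server.get("args", []))
        if command.endswith("npx"):
            spec = npx_package_spec(args)
            if not spec:
                issues.append("npx invoked without a package spec")
            elif not EXACT_PIN.match(spec):
                issues.append(
                    f"unpinned npx install of {spec!r}: pin an exact version and "
                    "record its dist.integrity before trusting it"
                )
        for hit in secret_args(args):
            issues.append(f"credential on the command line ({hit}): move it to `env`")
        findings[name] = issues
    return findings


if __name__ == "__main__":
    for server_name, server_issues in lint_mcp_config(SAMPLE_CONFIG).items():
        print(server_name, "->", server_issues or "ok")
```

Run against the sample, the entry written the way the documented install reads produces two findings, while the pinned entry with the token moved out of `args` produces none. Pinning alone does not make the server trustworthy; it only makes the audit of that exact version meaningful, which is why the finding text asks for the integrity hash to be recorded alongside the version.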

Confidence: 75%
Severity: 55%
Audit Metadata
Analyzed At
Feb 22, 2026, 07:53 AM
Package URL
pkg:socket/skills-sh/mohn93%2Fff-mcp%2Fcommunity-ff-mcp%2F@d5341f6e93413704640d4c8424f6147594e67e29