mcporter

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH

Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (HIGH): The skill relies on npx to download and run the mcporter package and other arbitrary MCP servers (e.g., npx -y chrome-devtools-mcp@latest). This fetches and executes unvetted code from the npm registry without version pinning or integrity checks.
  • [REMOTE_CODE_EXECUTION] (HIGH): The core functionality involves fetching and executing code from remote sources. Nested execution patterns like npx mcporter call --stdio "npx -y some-mcp-server@latest" represent a significant remote code execution risk, as they chain multiple unvetted package executions.
  • [COMMAND_EXECUTION] (MEDIUM): The skill generates and executes shell commands through npx. Without strict sanitization of tool names, server names, or arguments provided by the user or external data, this surface is vulnerable to command injection.
  • [DATA_EXFILTRATION] (LOW): The ability to connect to arbitrary HTTP URLs via the --http-url flag provides a mechanism for the agent to transmit data to external, non-whitelisted domains.
  • [DYNAMIC_EXECUTION] (MEDIUM): The emit-ts and generate-cli commands enable writing generated code to the local filesystem (e.g., --out types/server.d.ts). This capability allows the skill to modify or create files, posing a risk of file system manipulation or unauthorized code injection.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes output from external MCP servers. A malicious server response could contain instructions designed to hijack the agent's logic, and the skill lacks explicit sanitization or boundary markers for this ingested data. (Ingestion: npx mcporter call; Boundary markers: Absent; Capability: npx/subprocess/file-write/network; Sanitization: Absent)
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 17, 2026, 06:11 PM