nocobase-mcp-setup
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill provides shell commands for users to configure their MCP client. These commands interact with the
codexandclaudeCLI tools to register the NocoBase server. - [CREDENTIALS_UNSAFE]: The skill includes instructions for handling authentication tokens. It follows security best practices by using environment variables (
NOCOBASE_API_TOKEN) and placeholders (<your_api_key>) for user-specific sensitive data instead of hardcoding any credentials. - [EXTERNAL_DOWNLOADS]: The skill refers to NocoBase application endpoints (e.g.,
http(s)://<host>:<port>/api/mcp) which are defined by the user for their own hosted instances. No unauthorized or suspicious external downloads are initiated.
Audit Metadata