mcp-cli
Audited by Socket on Feb 15, 2026
1 alert found:
Security: The document itself is not malware — it is a legitimate user guide for a CLI that runs third-party MCP servers. However, its recommended workflows inherently allow running untrusted code (npx packages, docker images, and HTTP servers) and passing secrets to those processes. That makes the operational footprint high-risk if users run arbitrary or unverified server commands. Recommendations: verify sources (git repos, package names, container registries), avoid automatic acceptance flags (avoid -y for npx), prefer least-privilege tokens, sanitize and audit aliases in ~/.mcpt/aliases.json, and treat any third-party MCP server as capable of exfiltrating data. Overall, the content is functionally consistent with its purpose but requires strong user caution when executing remote artifacts.