0protocol
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill metadata requires the
mcporterbinary, which is an external dependency from an unverified source. - [COMMAND_EXECUTION] (MEDIUM): Use of the skill involves executing the
mcporterbinary through system shell calls, creating a risk of unauthorized command execution if the binary or its environment is compromised. - [DATA_EXFILTRATION] (LOW): The skill is designed to send signed 'expressions' and 'claims' to an external server at
mcp.0protocol.dev. Although this is the stated purpose, any sensitive data contained in these payloads is shared with an untrusted third-party endpoint.
Audit Metadata