configure-putior-mcp
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE; EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Downloads the mcptools package from Posit's official GitHub repository and the putior package from the author's own repository. Both sources are recognized as trusted or vendor-owned.
- [COMMAND_EXECUTION]: Uses shell commands to register the MCP server with the Claude Code client and provides instructions for starting an ACP server session using Rscript.
- [PROMPT_INJECTION]: The configuration enables tools such as put and put_auto that ingest content from files in the user's codebase. This creates an indirect prompt injection surface where instructions embedded in code comments could attempt to influence the agent's behavior.
  - Ingestion points: Codebase files processed by the put, put_auto, and put_generate tools.
  - Boundary markers: No delimiters or instructions to ignore embedded commands are specified in the setup process.
  - Capability inventory: The skill allows broad capabilities including Bash, Read, Write, Edit, Grep, and Glob.
  - Sanitization: No sanitization or filtering of codebase content is performed before processing.