express-mcp

Fail

Audited by Socket on Feb 21, 2026

1 alert found:

Malware: HIGH
SKILL.md

[Skill Scanner] Destructive bash command detected (rm -rf, chmod 777)

All findings:
[CRITICAL] command_injection: Destructive bash command detected (rm -rf, chmod 777) (CI004) [AITech 9.1.4]
[CRITICAL] command_injection: Destructive bash command detected (rm -rf, chmod 777) (CI004) [AITech 9.1.4]

BENIGN: The fragment describes conventional project bootstrap steps for an Express.js + TypeScript MCP server published on npm, using standard Git and npm workflows. No suspicious data access, credential usage, or outbound network activity is evident in the snippet. The overall footprint is proportionate to its stated purpose.

LLM verification: The SKILL.md fragment itself is not malicious code; it is setup documentation. However, it contains several risky operational instructions: destructive rm -rf commands, fragile dotfile moves, and an instruction to remove git provenance. The real supply-chain risk depends on the cloned repository and its package.json lifecycle scripts. Recommendations: do not run the destructive commands blindly; verify and pin the repository source; inspect package.json and the lockfiles before running npm install; and prefer npm ci.

Confidence: 95%
Severity: 90%
Audit Metadata
Analyzed At
Feb 21, 2026, 02:26 PM
Package URL
pkg:socket/skills-sh/rebyteai-template%2Frebyte-skills%2Fexpress-mcp%2F@51246af7f113d1b00de92580f2eb82da8db78854