claude-code-mcp-manual-install

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, REMOTE_CODE_EXECUTION)
Full Analysis
  • [COMMAND_EXECUTION] (MEDIUM): The skill provides shell commands using jq to directly modify ~/.claude.json. This file contains the agent's session data and configuration, making it a high-value target for manipulation.
  • [REMOTE_CODE_EXECUTION] (MEDIUM): The proposed configuration uses npx -y [package-name]. This facilitates the download and execution of arbitrary code from the npm registry without user interaction during the next session start.
  • [PERSISTENCE_MECHANISM] (MEDIUM): By modifying the mcpServers section of the global config file, the skill ensures that any added scripts or servers will be automatically executed every time the Claude Code environment is initialized.
  • [DATA_EXPOSURE] (LOW): The skill targets ~/.claude.json, which contains internal metrics and session statistics. While the instructions are for editing, an agent following these patterns could easily be redirected to exfiltrate the file content.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 16, 2026, 09:08 AM