mcporter-skill
Warn
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
mcporterbinary via a third-party Homebrew tap (pdxfinder/tap/mcporter). The source repository (github.com/pdxfinder/mcporter) is not identified as a trusted organization or well-known service provider in the analysis context. - [COMMAND_EXECUTION]: The skill facilitates the execution of system commands through the
exectool to interact with themcporterCLI. This allows for listing configurations, performing authentication, and calling MCP tools which may execute arbitrary logic on the host system. - [PROMPT_INJECTION]: The skill acts as an interface for processing data through external MCP servers, creating a surface for indirect prompt injection.
- Ingestion points: External data enters the agent context via command-line arguments and tool call outputs as described in
SKILL.md. - Boundary markers: The instructions do not define delimiters or provide specific instructions to the agent to treat external tool output as untrusted data.
- Capability inventory: The skill has access to the host's command execution environment via the
exectool. - Sanitization: There is no evidence of input validation, escaping, or output sanitization within the skill definition.
Audit Metadata