mcp-cli
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes external processes to communicate with MCP servers using the stdio transport. These commands are sourced from the user's local configuration file (~/.mcp-cli/servers.json) and are necessary for the tool's core functionality.
- [SAFE]: The skill reads local configuration files (~/.claude/settings.json and ~/.claude.json) to seed its own server registry. This is a documented feature designed to provide interoperability with other MCP-compatible applications.
- [SAFE]: Network operations are performed to interact with HTTP-based MCP servers. These requests are directed to URLs and use headers defined by the user in the local configuration file and do not involve communication with hardcoded or suspicious external domains.
Audit Metadata