mcp-cli
Warn
Audited by Socket on May 5, 2026
1 alert found:
Anomaly (LOW): SKILL.md
SUSPICIOUS. The skill’s purpose and capabilities mostly align: it is a shell-oriented wrapper for MCP tools. The main risk is not overt malware but breadth: it can register arbitrary stdio commands and arbitrary HTTP MCP endpoints, then forward credentials and data to them. Package installation looks conventional, but data-flow trust depends entirely on which MCP servers the user adds.
Confidence: 79%
Severity: 61%