test-mcp-server

The skill appears coherently aligned with its stated goal of testing MCP servers via an inspector proxy, with two testing modes and corresponding workflows. The footprint is largely proportional to its purpose, though credential handling (optional .env storage) and potential command construction from user-provided URLs warrant careful handling (escaping, validation, and secure storage). No obvious malicious data exfiltration is evident from the fragment, but the use of external binaries or packages should be limited to trusted registries and properly signed artifacts. Overall, the risk is modest (suspicious-to-moderate) and primarily hinges on how installation, credential management, and command assembly are implemented in practice.