configure
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches and installs various MCP (Model Context Protocol) servers and development dependencies from the NPM registry, including packages from well-known providers like Upstash and Anthropic.
- [COMMAND_EXECUTION]: Utilizes the Bash tool to perform standard administrative tasks such as creating plugin directories, copying configuration templates, and managing local dependencies via NPM.
- [REMOTE_CODE_EXECUTION]: Configures MCP servers for dynamic execution via npx, allowing the model to load and run server logic from remote packages. It includes a secure pattern for injecting API keys using the 1Password CLI (op read) within a shell wrapper to avoid plaintext credential storage.
Audit Metadata