✓
Purpose & Capability
Name/description describe an ipinfo wrapper and the SKILL.md points to an MCP that provides lookup_ip/get_my_ip tools — this matches the stated purpose.
!
Instruction Scope
SKILL.md directs the agent to add an mcpServers entry that runs 'npx -y mcp-remote@latest https://gateway.pipeworx.io/ipinfo/mcp'. That instructs the agent to fetch and run remote code and to connect to an external gateway; these actions go beyond simple API calls and allow arbitrary network I/O and code execution at runtime.
!
Install Mechanism
There is no formal install spec, but the suggested connect command uses npx with an unpinned 'latest' package and an external URL. Dynamically fetching and executing mcp-remote@latest is high-risk because the package contents can change and execute arbitrary code on demand.
✓
Credentials
The skill declares no environment variables, credentials, or config paths. It does not request unrelated credentials; the lack of declared secrets is appropriate for the stated purpose.
✓
Persistence & Privilege
The skill does not request 'always: true' and does not declare actions that persist or modify other skills. It fetches code over the network at runtime, but its metadata requests no elevated platform privileges.
What to consider before installing
This skill appears to be a thin wrapper that delegates work to a remote MCP by running 'npx -y mcp-remote@latest' against gateway.pipeworx.io. That means that, when invoked, the agent will download and execute code from npm and connect to an external server, which could perform arbitrary actions or exfiltrate data. Before installing or using it, consider:
1) Only proceed if you trust pipeworx.io and gateway.pipeworx.io.
2) Ask the author to provide a pinned package version or the source code for mcp-remote and the MCP endpoint.
3) Prefer running ipinfo calls directly yourself (e.g., curl https://ipinfo.io) if you want minimal risk.
4) If you must use this skill, run it in a sandboxed environment or restrict network access and review the network traffic.
5) If in an enterprise, have security review the mcp-remote package and the remote endpoint.
These steps will reduce the risk of executing untrusted remote code or unintended data exposure.