Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Basecamp CLI

v2.0.0

CLI and MCP server for Basecamp 4. Use when you need to interact with Basecamp projects, todos, messages, schedules, kanban cards, documents, or campfires. Provides 76 MCP tools for AI-driven project management workflows.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description, declared binaries (basecamp-mcp), required env vars (BASECAMP_CLIENT_ID, BASECAMP_CLIENT_SECRET), package.json, and SKILL.md all align with a Basecamp CLI/MCP tool. The npm package produces the required binaries, and OAuth credentials are expected for Basecamp API access.
Instruction Scope
Runtime instructions are scoped to installing the CLI, configuring OAuth, running basecamp/basecamp-mcp, and adding the MCP server to an MCP config. One operational note: the SKILL.md shows examples that embed BASECAMP_CLIENT_SECRET in an MCP server env block (e.g., in a klaude/claude_desktop_config.json snippet). Storing a client secret in an MCP config or passing it to a long-running MCP process is functional but increases the number of places where the secret is stored or available. This is expected for an MCP server but worth being aware of.
Install Mechanism
Install uses a public npm package (@drkraft/basecamp-cli) that declares the two expected binaries. This is a standard, traceable mechanism; no suspicious remote download URLs or extract-from-untrusted-host steps were found.
Credentials
The only required environment variables are BASECAMP_CLIENT_ID and BASECAMP_CLIENT_SECRET (the primary credential is the client secret), which are appropriate for OAuth-based Basecamp access. No unrelated secrets or wide-ranging credentials are requested. The repo includes logic to encrypt stored access/refresh tokens with a machine-specific key (crypto/os), which is reasonable. Note that the client secret itself is expected to be provided by the user and may be present in the MCP config when running the server.
Persistence & Privilege
The skill does not set always: true and is user-invocable. disable-model-invocation is false (autonomous invocation allowed), which is normal for MCP tools; combined with valid Basecamp credentials, this allows an agent to perform actions on the user's Basecamp account. This is expected behavior for an MCP integration, but users should understand the blast radius of granting an agent those credentials.
Assessment
This package appears to be a legitimate Basecamp CLI + MCP server and only asks for the Basecamp OAuth client ID/secret it needs. Before installing or configuring it: 1) verify the npm package and GitHub repository (SKILL.md points to https://github.com/drkraft/basecamp-cli) match the package you expect, 2) be cautious about placing your BASECAMP_CLIENT_SECRET into configuration files (MCP config) that other processes or users could read, and 3) remember that enabling the MCP server and giving credentials allows the agent to take actions in your Basecamp account — only enable autonomous use for agents you trust. If you want more assurance, confirm the upstream repository and package owner identity on npm/GitHub before installing.


Runtime requirements

🏕️ Clawdis
Bins: basecamp-mcp
Env: BASECAMP_CLIENT_ID, BASECAMP_CLIENT_SECRET
Primary env: BASECAMP_CLIENT_SECRET

Install

Install @drkraft/basecamp-cli (npm)
Bins: basecamp, basecamp-mcp
npm i -g @drkraft/basecamp-cli
