mcp-to-skill

v1.0.0

Converts any MCP server into a standalone skill package with zero runtime dependencies (no MCP process required). Trigger when user says: "convert this MCP t...

⭐ 1· 210·0 current·0 all-time

by@jalanchao

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for jalanchao/mcp-to-skill.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "mcp-to-skill" (jalanchao/mcp-to-skill) from ClawHub.
Skill page: https://clawhub.ai/jalanchao/mcp-to-skill
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install mcp-to-skill

ClawHub CLI

Package manager switcher

npx clawhub@latest install mcp-to-skill

Security Scan

VirusTotal

Suspicious

View report →

OpenClaw

Suspicious

high confidence

Purpose & Capability

The skill claims to convert an MCP server to a skill without runtime dependencies, but the SKILL.md and mcp_inspector.py require runtime tools: Python, pip, the 'mcp' Python package, npm, tar and ability to start the provided MCP command. Registry metadata lists no required binaries/env vars, which is inconsistent with what the skill actually needs to do.

Instruction Scope

Instructions tell the agent to: run the user-supplied MCP start command (which spawns arbitrary code), run mcp_inspector.py, download and extract npm packages, read/write temp files (/tmp/...), read source code (when available), and execute inferred read-only HTTP/CLI commands for verification. These actions are within the stated conversion purpose but give the skill broad discretion to execute user-provided commands and contact external networks; that expands scope beyond a simple static analysis tool.

Install Mechanism

There is no formal install spec, but runtime steps include 'pip install mcp' and mcp_inspector.py calls 'npm pack' and 'tar' to download and extract packages into /tmp. Downloading, extracting, and interacting with npm packages from arbitrary package names is higher risk and is not declared in the registry metadata.

Credentials

The skill declares no required env vars or credentials, yet SKILL.md instructs reading secrets.json and environment variables (e.g., X_API_TOKEN) for generated skills, and mcp_inspector will create files under /tmp and a cache dir. The skill may therefore access local secrets or tokens implicitly even though none are declared.

✓

Persistence & Privilege

always is false and the skill does not request forced/system-wide persistence. The SKILL.md instructs registering the generated skill with the agent (expected for its purpose). Autonomous invocation (model invocation enabled) is default but not by itself a new risk here.

What to consider before installing

This skill performs network downloads, extracts npm packages, and runs a user-supplied MCP start command — which will execute arbitrary code. Before installing or running it: (1) do not run it with sensitive credentials present; remove or rotate tokens you don't want exposed; (2) prefer providing a schema JSON instead of a start command so no remote package is executed; (3) run mcp_inspector and the skill generation in an isolated environment (container/VM) and inspect the extracted package and generated SKILL.md/secrets.json before registering; (4) expect the skill to call pip/npm/tar at runtime — if you require an explicit install policy or denylist, ask the author to declare required binaries and to avoid auto-downloading packages. These mismatches (no declared binaries/env but runtime downloads and execution) are why I rate the package suspicious.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dy8swvhzcteajzwe6wzxv7n834pm6

210downloads

1stars

1versions

Updated 18m ago

v1.0.0

MIT-0

mcp-to-skill

Converts an MCP server into a zero-dependency skill package so AI agents can invoke tools directly via Bash commands, without launching an MCP process or injecting all tool definitions upfront.

Step 1: Get MCP information

Determine the input type:

A — User provided a command string / local path / URL: Confirm the command is available, proceed to Step 2.

B — User pasted tool schema JSON: Save the JSON to a temp file, skip Step 2, go directly to Step 3. Use the Write tool to save the pasted JSON to /tmp/mcp-schema-input.json. In Step 3, use --schema-json /tmp/mcp-schema-input.json.

C — User hasn't specified, wants to pick from registered MCPs: List the MCPs currently registered with the agent and let the user choose. In Claude Code: run claude mcp list

Language preference: If the user specifies a language for the generated skill (e.g. "generate in Chinese", "用中文生成"), note it and apply it to all generated files in Step 5. Default is English.

Step 2: Run mcp_inspector.py (only for input type A or C)

Locate mcp_inspector.py: it is in the same directory as this SKILL.md. Determine the absolute path of that directory from the path information provided by the agent framework when loading this skill, then run:

# Ensure mcp SDK is installed
pip show mcp > /dev/null 2>&1 || pip install mcp

python /path/to/skill-dir/mcp_inspector.py "<MCP command>" --output /tmp/mcp-inspector-output.json

Example output:

✓ Written to /tmp/mcp-inspector-output.json: 12 tools, source: /tmp/mcp-to-skill-cache/server-github

Use the Read tool to read /tmp/mcp-inspector-output.json and extract: server_name, source_path (may be null), tools[].

Step 3: AI analysis — infer equivalent commands

Read the inspector output (or the schema file from Step 1B).

If source_path is not null: Use Read / Grep tools to read the source files, locate the implementation for each tool, and extract:

HTTP endpoint (URL, method, headers, body structure)
or CLI invocation pattern

If source_path is null: Infer reasonable equivalent commands based solely on each tool's description and inputSchema.

Write a command draft for each tool with a confidence marker:

[VERIFIED] — confirmed by source code (only when source is available)
[INFERRED] — AI-inferred, logically sound but untested (max level when source_path is null)
[TODO] — cannot be auto-generated, leave a placeholder with explanation

Step 4: Test read-only commands

For each [INFERRED] command that is a read-only operation (GET request, query), execute it with the Bash tool:

Pass → upgrade to [VERIFIED]
Fail → keep [INFERRED], add a comment above the command noting the failure reason
Write operations (POST/PUT/DELETE, file modifications) — skip testing, keep [INFERRED]
[TODO] items — do not test

Step 5: Generate skill package

Create the skill directory in the user's current working directory (or a user-specified path):

<mcp-server-name>/
  SKILL.md
  config.json            # public config (safe to commit)
  secrets.json           # secrets (gitignored, never commit)
  secrets.json.example   # secrets template (safe to commit)
  .gitignore
  helpers/               (create on demand, do not pre-create empty)
    tools-extended.md    (when tool count > 8)
    <tool>.py / <tool>.sh  (when logic cannot fit in a single command)

Progressive disclosure rules:

tool count ≤ 8: write all tools into the SKILL.md quick-reference section
tool count > 8: SKILL.md lists only the 8 most common tools; the rest go into helpers/tools-extended.md; add a note at the bottom of SKILL.md: "More tools: see helpers/tools-extended.md"

SKILL.md frontmatter template:

---
name: <server-name>
description: |
  [When to use]: <summarize usage scenarios from tool descriptions>
  [Does]: <core capabilities>
  [Does NOT]: <explicitly excluded scenarios>
  [Requires]: <runtime dependencies; write "no runtime dependencies" if none>
---

Config file separation (secret safety):

config.json — public config only, safe to commit:

{
  "endpoint": "<base URL extracted from source, or leave as placeholder>"
}

secrets.json — secrets only, must be gitignored:

{
  "auth_token": "<actual token>"
}

secrets.json.example — secrets template, safe to commit, for onboarding:

{
  "auth_token": "your-api-token-here"
}

.gitignore — contents:

secrets.json

Read order for scripts: secrets.json → environment variable (e.g. X_API_TOKEN). If both are empty, error and prompt user to copy the example file and fill it in.

Important: config.json and secrets.json are read on every tool call (not cached at startup).

Language: Generate all text content in the language specified in Step 1. Default is English.

If skill-creator is loaded in the agent context: Pass the analysis results (tool list + inferred commands + confidence markers) to skill-creator to generate SKILL.md.

Step 6: Register skill with the current AI agent

Goal: register the generated skill directory so it is immediately available. Probe in order and use the first that works:

Check if npx skills is available:
```
which npx && npx skills --version 2>/dev/null
```
If available: npx skills add <skill-path> -g -y
Check if running in Claude Code:
```
claude --version 2>/dev/null
```
If available: symlink to ~/.claude/skills/<skill-name>:
```
ln -sf <skill-path> ~/.claude/skills/<skill-name>
```
Note: /add-dir is an interactive slash command and cannot be called via Bash.
If neither applies: output the skill path and tell the user how to register manually:

"Skill generated at <path>. Please register it with your AI agent. Claude Code users: run /add-dir <path> npx skills users: run npx skills add <path> -g"

Step 7: Ask about removing the original MCP (optional)

Only prompt when Step 1 was type A or C (not pasted schema):

"MCP <server-name> has been converted to a skill. Would you like to remove the MCP configuration from your AI agent?"

User confirms → assist with removal (agent decides how)
User declines or no response → skip, skill and MCP can coexist

Comments

Loading comments...