MCP Tool Utils

PassAudited by ClawScan on May 10, 2026.

Overview

This is a documentation-only MCP helper with no included code; it looks purpose-aligned, but users should be careful with the external MCP servers, API keys, and any separate CLI they choose to run.

This skill does not include runnable code, so there is no artifact evidence of malicious behavior. Before using it, verify any separate `mcp-tool-utils` executable, only connect trusted MCP servers, and protect provider API keys in configuration files.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Low

#ASI02: Tool Misuse and Exploitation

What this means

Adding or syncing MCP servers can change what external tools the agent may use.

Why it was flagged

The skill documents commands that can sync MCP server configuration into OpenClaw, expanding or changing the agent's available tools.

Skill content

mcp-tool-utils sync --to openclaw

Recommendation

Review MCP server entries before syncing them, and only add servers you trust.

Low

#ASI03: Identity and Privilege Abuse

What this means

An exposed API key could allow use of the connected provider account or consume account quota.

Why it was flagged

The documented integration uses provider API keys, including an example where a key is embedded in a configuration URL.

Skill content

"url": "https://mcp.tavily.com/mcp/?tavilyApiKey=..."

Recommendation

Use scoped provider keys, avoid committing API-key-bearing config files, and rotate keys if they are exposed.

Low

#ASI04: Agentic Supply Chain Vulnerabilities

What this means

If a user installs or runs a separate `mcp-tool-utils` binary, that binary's behavior is outside the reviewed artifact set.

Why it was flagged

The documentation references a CLI command, but the supplied artifacts contain no executable code or install specification for that CLI.

Skill content

mcp-tool-utils add-server --name tavily --url https://mcp.tavily.com

Recommendation

Only install MCP utilities from a trusted source and verify the package or binary before running the documented commands.

Low

#ASI07: Insecure Inter-Agent Communication

What this means

Information sent through MCP tools may be shared with third-party MCP servers or agent workflows.

Why it was flagged

The skill describes MCP as enabling context exchange between agents and lists remote MCP servers, so user queries or context may cross agent/server boundaries.

Skill content

- Kontext-Austausch zwischen Agenten

Recommendation

Do not send sensitive data to untrusted MCP servers, and review each server's privacy and permission model before enabling it.