Skillv1.0.0

ClawScan security

Mcporter Hardened · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignApr 29, 2026, 1:44 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's requirements and runtime instructions are coherent with its stated purpose (wrapping the mcporter CLI); nothing requested or installed is disproportionate to that goal.
Guidance: This skill appears to simply teach the agent to run the mcporter CLI and includes reasonable guardrails. Before installing: 1) verify the 'mcporter' npm package publisher and inspect its source (npm view mcporter; review its repo) because npm packages run code during install; 2) be aware mcporter can run local commands and call arbitrary URLs — avoid using it on untrusted inputs or piping output to network tools; 3) never pass API keys or passwords directly in mcporter call arguments (use mcporter auth or local config); and 4) consider installing and testing mcporter in a sandboxed environment first if you don't control the package publisher.

Review Dimensions

Purpose & Capability: okThe skill is an instruction-only wrapper around the mcporter CLI. It requires the mcporter binary and provides an npm-based install for the mcporter package — these align with the stated purpose of listing, configuring, auth'ing, and calling MCP servers/tools.
Instruction Scope: noteSKILL.md instructs the agent to run mcporter commands (list, call, auth, daemon, generate, etc.) and references the mcporter config path (./config/mcporter.json). This is expected, but mcporter can execute arbitrary local stdio commands and call arbitrary URLs (e.g., `--stdio "bun run ./server.ts"` and full-URL calls). Those capabilities are inherent to the CLI and not incoherent, but they are powerful and capable of executing local code or contacting external endpoints — the skill includes explicit guardrails about not exfiltrating outputs or passing secrets in arguments.
Install Mechanism: noteInstall spec uses a Node (npm) package named 'mcporter' which will install a binary named mcporter. npm installs are traceable but can contain arbitrary code; no direct downloads from unknown URLs or archives are specified. Verify the npm package publisher before installing.
Credentials: okThe skill does not request environment variables, credentials, or access to other skills' configuration. It documents mcporter's own config path and auth workflow (which will manage credentials locally), but does not demand unrelated secrets.
Persistence & Privilege: okThe skill is not marked always:true, doesn't request elevated persistence, and is instruction-only. Autonomous invocation is allowed (platform default) but not combined with other concerning privileges.