Mcporter

Review

Audited by ClawScan on May 1, 2026.

Overview

Mcporter is transparently described, but it is a powerful MCP control tool that can call arbitrary tools, change configs, authenticate to services, run local stdio commands, and start a daemon.

Install this only if you want the agent to have a powerful MCP command-line interface. Before use, decide which servers are trusted; require confirmation for authentication, config changes, stdio commands, daemon startup, and any non-read-only tool calls; and verify the npm package source/version.

Findings (6)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If invoked against connected services, the agent could create or change data or alter mcporter configuration, depending on available MCP servers and credentials.

Why it was flagged

The skill documents a broad direct MCP tool-call interface plus config mutation commands, including an example that creates an issue, without instructions to restrict or confirm high-impact actions.

Skill content

`mcporter call <server.tool> key=value` ... `mcporter call "linear.create_issue(title: \"Bug\")"` ... `mcporter config list|get|add|remove|import|login|logout`

Recommendation

Use least-privilege MCP server configs and require explicit user approval before auth, config edits, non-read-only tool calls, or calls to unfamiliar servers.

What this means

Authorizing the wrong server or overly broad scopes could give that connection access to account or workspace data.

Why it was flagged

The skill can initiate OAuth authentication for a named server or URL. This is expected for an MCP client tool, but it grants delegated account authority.

Skill content

OAuth: `mcporter auth <server | url> [--reset]`

Recommendation

Only authenticate trusted MCP servers, review OAuth scopes carefully, and prefer accounts or tokens with minimal permissions.

What this means

A trusted local command can be useful, but an untrusted or mistaken command could run code on the user's machine.

Why it was flagged

The stdio mode example runs a local command as an MCP server. This is disclosed and aligned with ad-hoc MCP server use, but it is local command execution.

Skill content

Stdio: `mcporter call --stdio "bun run ./server.ts" scrape url=https://example.com`

Recommendation

Use `--stdio` only with commands and project files you trust, and avoid passing command strings from untrusted sources.

What this means

Tool arguments or requested data may be shared with whichever MCP endpoint is selected.

Why it was flagged

The skill can send MCP tool calls and arguments to an arbitrary HTTP endpoint. This is disclosed and central to the skill, but the endpoint defines the data boundary.

Skill content

Full URL: `mcporter call https://api.example.com/mcp.fetch url:https://example.com`

Recommendation

Call only trusted MCP URLs and avoid sending private data to endpoints whose operator, permissions, or logging practices you have not reviewed.

What this means

A daemon may keep running after the immediate task if started and not stopped.

Why it was flagged

The skill documents a daemon command that can start a background process. The presence of status/stop/restart makes it disclosed and manageable, but it is still persistence.

Skill content

Daemon - `mcporter daemon start|status|stop|restart`

Recommendation

Start the daemon only intentionally, check its status when finished, and stop it when it is no longer needed.

What this means

The safety of the installed skill depends on the npm package that provides the mcporter binary.

Why it was flagged

The executable is supplied by an external Node package rather than code included in the skill. This is expected for a CLI wrapper but creates a package-provenance dependency.

Skill content

[0] node | package: mcporter | creates binaries: mcporter

Recommendation

Install from a trusted registry/source, review the package provenance, and pin or verify the version where possible.