github-mpc
Status: Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: github-mpc
Version: 1.0.1
The skill is classified as suspicious because its instructions tell the agent to supply `GITHUB_TOKEN` as an environment variable and to execute `npx @modelcontextprotocol/server-github`. Both actions are plausibly necessary for the stated purpose of configuring MCP servers, but they involve direct handling of a sensitive credential and execution of code fetched from the npm registry at run time: `npx -y` downloads and runs whatever version of the named package the registry currently serves, so the skill's behaviour depends on package provenance rather than on anything reviewed here. There is no clear evidence of intentional malicious behaviour such as unauthorized data exfiltration or persistence, but the potential for abuse of these capabilities warrants a 'suspicious' classification. These instructions are found in `SKILL.md`.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Impact: A GitHub token with these scopes can expose private repository and organization information if it is misused or installed into an untrusted MCP server.
Details: The guide asks the user to create a GitHub token with organization and repository access. This is expected for private repository search, but these scopes are sensitive: on a classic personal access token the `repo` scope grants read and write access to every repository the user can reach, which is broader authority than read-only documentation lookup needs.
Evidence: Grant `repo` and `read:org` scopes
Mitigation: Prefer a fine-grained personal access token limited to the required organization or repositories with read-only permissions; keep the token out of chat logs and configuration files that are shared or committed; and revoke it when it is no longer needed.
Impact: If used carelessly, the connected agent could publish or modify Confluence content in the configured space.
Details: The Atlassian MCP capability includes creating Confluence pages. That is aligned with the Product Guide Writer workflow, but it can change shared business documentation.
Evidence: user-atlassian | Confluence search/publish, Jira integration | Yes | searchConfluenceUsingCql, createConfluencePage, getConfluenceSpaces
Mitigation: Review page destinations and generated content before publishing, and restrict Confluence permissions to the intended space where possible.
Impact: Installing an unexpected or changed package version could alter the behaviour of the GitHub MCP server.
Details: The setup example runs an npm-hosted MCP server package without pinning a version, and the `-y` flag suppresses npx's install confirmation. This is user-directed and purpose-aligned, but every launch resolves to whatever version the registry serves at that moment, so the server's behaviour depends entirely on external package provenance.
Evidence: "command": "npx", "args": ["-y", "@modelcontextprotocol/server-github"]
Mitigation: Install official MCP servers only, pin the package to an exact version (`@modelcontextprotocol/server-github@<version>`), and verify the package name character by character before adding it to the Cursor configuration.
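The two mitigations above (an exact version pin for the npx-installed server, and a token that is referenced from the environment rather than pasted into the configuration) can be checked mechanically before a config is loaded. The following is an added example, not ClawScan's or the skill's own code: a small linter for a Cursor-style mcp.json. The `mcpServers -> name -> command/args/env` layout, the trusted-package list, the token-prefix patterns, the pinned version number and both sample configs are assumptions constructed for the example; the `${env:...}` placeholder syntax in the hardened config depends on the MCP client and should be checked against its documentation.

```python
"""Lint a Cursor-style mcp.json for the issues flagged in the findings above:
an npx-installed MCP server that is not pinned to an exact version or not on a
trusted list, and a GitHub token pasted into the config as a literal.

Added example, not ClawScan's or the skill's code. The config layout, trusted
list, token patterns and sample configs below are assumptions for this example.
"""
import json
import re

# Packages accepted as official MCP servers (assumption for this example).
TRUSTED_PACKAGES = {"@modelcontextprotocol/server-github"}

# Literal GitHub token shapes: classic ghp_/gho_/ghu_/ghs_/ghr_ and fine-grained github_pat_.
TOKEN_RE = re.compile(r"\b(?:ghp_|gho_|ghu_|ghs_|ghr_|github_pat_)[A-Za-z0-9_]{20,}")
# Only an exact x.y.z pin counts; ranges, dist-tags and a missing version all
# resolve to whatever the registry serves at launch time.
EXACT_VERSION_RE = re.compile(r"\d+\.\d+\.\d+")


def split_spec(spec):
    """Split 'name' or 'name@version' into (name, version); scoped names keep the leading '@'."""
    scoped = spec.startswith("@")
    body = spec[1:] if scoped else spec
    name, sep, version = body.rpartition("@")
    if not sep:
        return spec, None
    return ("@" + name if scoped else name), version


def npx_package_spec(args):
    """Return the package argument of an npx invocation (first argument that is not a flag)."""
    for arg in args:
        if not arg.startswith("-"):
            return arg
    return None


def lint_mcp_config(config):
    """Return [(server_name, issue), ...] for a parsed mcp.json dictionary."""
    findings = []
    for server, entry in config.get("mcpServers", {}).items():
        if entry.get("command") == "npx":
            spec = npx_package_spec(entry.get("args", []))
            if spec is None:
                findings.append((server, "npx is invoked without a package argument"))
            else:
                name, version = split_spec(spec)
                if name not in TRUSTED_PACKAGES:
                    findings.append((server, f"{name} is not on the trusted package list"))
                if version is None or not EXACT_VERSION_RE.fullmatch(version):
                    findings.append((server, f"{name} is not pinned to an exact version"))
        for key, value in entry.get("env", {}).items():
            if isinstance(value, str) and TOKEN_RE.search(value):
                findings.append((server, f"env {key} holds a literal GitHub token; reference it from the environment instead"))
    return findings


def lint_mcp_json(text):
    """Parse mcp.json text and lint it."""
    return lint_mcp_config(json.loads(text))


# Constructed sample: the pattern from the skill's setup example, with a token
# pasted in. The token value is constructed (ghp_ + 36 filler characters), not real.
UNSAFE_MCP_JSON = """{
  "mcpServers": {
    "github": {
      "command": "npx",
      "args": ["-y", "@modelcontextprotocol/server-github"],
      "env": {"GITHUB_TOKEN": "ghp_%s"}
    }
  }
}""" % ("A" * 36)

# Hardened form: exact version pin (illustrative number; look up the current
# release on the registry before pinning) and a token taken from the environment
# (the ${env:...} interpolation syntax is an assumption; check your client's docs).
SAFE_CONFIG = {
    "mcpServers": {
        "github": {
            "command": "npx",
            "args": ["-y", "@modelcontextprotocol/server-github@2025.4.8"],
            "env": {"GITHUB_TOKEN": "${env:GITHUB_TOKEN}"},
        }
    }
}

if __name__ == "__main__":
    print("unsafe:", lint_mcp_json(UNSAFE_MCP_JSON))
    print("safe:", lint_mcp_config(SAFE_CONFIG) or "no findings")
```

Run against the unsafe sample the linter reports the missing version pin and the literal token; the hardened config produces no findings. A typosquatted name such as a package that differs from the trusted entry by one character is reported as untrusted even when it is pinned, which is the check the "verify package names" mitigation calls for.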
Impact: Repository, Confluence, design, or log data may be accessed through the configured MCP servers during later workflows.
Details: The workflow depends on MCP servers that broker access to external SaaS or infrastructure services. The integrations are disclosed, but they define where queries and retrieved data may flow.
Evidence: Required MCP Servers ... user-atlassian ... user-github ... user-Figma ... user-elasticsearch-mcp
Mitigation: Use trusted MCP servers, verify endpoints and account scopes, and avoid granting optional integrations unless they are needed.
