Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

McPorter Local

v1.0.0

Use the mcporter CLI to list, configure, auth, and call MCP servers/tools directly (HTTP or stdio), including ad-hoc servers, config edits, and CLI/type gene...

by Wu Liyuan (@wuliyuan2026) · duplicate of @mskmz/mcporter-1-0-0

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for wuliyuan2026/mcporter-local.

Install the skill "McPorter Local" (wuliyuan2026/mcporter-local) from ClawHub.
Skill page: https://clawhub.ai/wuliyuan2026/mcporter-local
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: mcporter
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

openclaw skills install mcporter-local

ClawHub CLI

npx clawhub@latest install mcporter-local
Security Scan
Capability signals
Requires OAuth token
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description, required binary (mcporter), and usage in SKILL.md are coherent: this skill is an instruction-only wrapper for the mcporter CLI. Requiring/Installing an mcporter binary via the npm package is proportionate to the claimed functionality.
Instruction Scope
SKILL.md instructs the agent to call arbitrary MCP endpoints and supports full URLs and a 'stdio' mode that can run local processes (e.g., 'bun run ./server.ts') and stream data. That capability is expected for this CLI, but it also means the agent (or user) can cause local processes to run and can send arbitrary local content to remote endpoints — a potential exfiltration vector if misused. The instructions reference the default config path './config/mcporter.json', which could contain credentials; the skill does not declare that file as a required path but uses it by default.
Install Mechanism
Install spec uses an npm package named 'mcporter' that will create a 'mcporter' binary. npm installs are common for CLIs but bring the usual supply-chain risk: the package contents are arbitrary third-party code. No direct downloads from unknown URLs or archive extraction were specified.
Credentials
The skill declares no required environment variables or credentials, which is appropriate. However, the CLI supports auth flows and a local config file; those could hold credentials when used, so the absence of declared env/credential requirements is correct but users should be aware the tool may prompt for or store secrets at runtime.
Persistence & Privilege
always is false and model invocation is allowed (default). The skill does not request permanent platform-wide presence or attempt to modify other skill configs in the provided instructions.
What to consider before installing
This skill is an instruction-only adaptor for the mcporter CLI and is plausible for the stated purpose, but review these points before installing:

  • Metadata mismatch: registry metadata lists a different owner/slug than the _meta.json inside the package (ownerId/slug differ). That inconsistency can indicate packaging or publishing errors—verify the publisher and package provenance.
  • Verify the npm package: inspect the 'mcporter' npm package contents and its repository (or homepage) before installing; confirm the publisher identity, recent versions, and package integrity (checksum/signature) where possible.
  • Be cautious with data/exfiltration: mcporter supports calling arbitrary URLs and a stdio mode that can run local processes and stream data. Avoid using it with sensitive files or credentials until you trust the binary.
  • Check local config: by default it uses ./config/mcporter.json; review that file for stored credentials and avoid pointing the tool at directories containing secrets unless necessary.
  • Least privilege: run the mcporter binary in a restricted environment (non-root, limited filesystem scope) or inspect the package source manually if you need to run it in production.

If you can provide the package repository link or the npm package SHA / publisher info, I can re-evaluate and raise or lower confidence.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

📦 Clawdis
Bins: mcporter

Install

Install mcporter (node)
Bins: mcporter
npm i -g mcporter
latest vk978vgh7eyeeak002a1ap2ahsd84q8as
91 downloads
0 stars
1 versions
Updated 2w ago
v1.0.0
MIT-0

mcporter

Use mcporter to work with MCP servers directly.

Quick start

  • mcporter list
  • mcporter list <server> --schema
  • mcporter call <server.tool> key=value

Call tools

  • Selector: mcporter call linear.list_issues team=ENG limit:5
  • Function syntax: mcporter call "linear.create_issue(title: \"Bug\")"
  • Full URL: mcporter call https://api.example.com/mcp.fetch url:https://example.com
  • Stdio: mcporter call --stdio "bun run ./server.ts" scrape url=https://example.com
  • JSON payload: mcporter call <server.tool> --args '{"limit":5}'

Auth + config

  • OAuth: mcporter auth <server | url> [--reset]
  • Config: mcporter config list|get|add|remove|import|login|logout

Daemon

  • mcporter daemon start|status|stop|restart

Codegen

  • CLI: mcporter generate-cli --server <name> or --command <url>
  • Inspect: mcporter inspect-cli <path> [--json]
  • TS: mcporter emit-ts <server> --mode client|types

Notes

  • Config default: ./config/mcporter.json (override with --config).
  • Prefer --output json for machine-readable results.
