MCP Server Discovery
Pass
Audited by ClawScan on May 1, 2026.
Overview
This skill appears to be a straightforward MCP server lookup and configuration generator, but generated configs can enable external MCP packages with sensitive access if the user installs them.
This skill looks safe to install as a discovery helper. Before using any generated MCP configuration, verify the external package names, enable only the servers you need, scope filesystem paths and credentials carefully, and understand whether a selected server will store memory across sessions.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If a user saves a generated config without reviewing it, their MCP client may gain access to local files, repositories, databases, web automation, or persistent memory depending on the selected servers.
The skill can generate MCP client configurations for servers that may expose high-impact tools, including filesystem, GitHub, and memory access. This is aligned with the stated purpose and user-directed, but users should review what each server will be allowed to do.
python3 scripts/mcp_discover.py config --servers "filesystem,github,memory" ... Save the output to your MCP client's config file
Only enable MCP servers you need, review each server's permissions, and add explicit filesystem paths, credentials, or other limits before using the generated configuration.
A future or tampered package version could affect the MCP server that gets launched by the client.
Generated configurations use npx with unpinned package names. This is expected for an MCP setup helper, but it means the MCP client will fetch or run external npm packages when the config is used.
"command": "npx", "args": ["-y", f"@modelcontextprotocol/server-{server_name}"]
Verify package names against official MCP documentation, consider pinning versions, and install only from trusted sources.
Over-scoped tokens could let an MCP server act broadly on a user's third-party account.
The reference material explains that downstream MCP servers may use account tokens or API keys. The skill itself does not collect or require these credentials, but generated configurations may lead users to add them.
GitHub ... Requires: GITHUB_TOKEN environment variable ... "env": { "API_KEY": "your-key" }
Use least-privilege tokens, avoid pasting broad personal credentials into configs, and rotate credentials if a server is no longer needed.
Information stored by a memory server may be reused later, including sensitive or stale context.
The skill can point users to a persistent memory MCP server. This is disclosed and purpose-aligned, but persistent memory can retain sensitive or incorrect information across sessions.
Memory ... Knowledge graph-based persistent memory ... Store and recall information across sessions
Enable persistent memory only when needed, review what it stores, and clear or restrict retained memory when appropriate.
