← 返回 Skills 市场
snazar-faberlens

Mcporter Hardened

作者 Faberlens · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ✓ 安全检测通过
46
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install mcporter-hardened
功能描述
Use the mcporter CLI to list, configure, auth, and call MCP servers/tools directly (HTTP or stdio), including ad-hoc servers, config edits, and CLI/type gene...
安全使用建议
This skill appears to simply teach the agent to run the mcporter CLI and includes reasonable guardrails. Before installing: 1) verify the 'mcporter' npm package publisher and inspect its source (npm view mcporter; review its repo) because npm packages run code during install; 2) be aware mcporter can run local commands and call arbitrary URLs — avoid using it on untrusted inputs or piping output to network tools; 3) never pass API keys or passwords directly in mcporter call arguments (use mcporter auth or local config); and 4) consider installing and testing mcporter in a sandboxed environment first if you don't control the package publisher.
功能分析
Type: OpenClaw Skill Name: mcporter-hardened Version: 1.0.0 The skill bundle provides a CLI interface for interacting with Model Context Protocol (MCP) servers via the 'mcporter' tool. It includes comprehensive security guardrails in SKILL.md and documentation in SAFETY.md specifically designed to prevent common AI agent risks such as data exfiltration, credential leakage in command arguments, and unauthorized destructive actions. The package follows standard installation procedures and demonstrates a proactive defensive posture against prompt-injection attacks.
能力标签
cryptocan-make-purchasesrequires-oauth-tokenrequires-sensitive-credentials
能力评估
Purpose & Capability
The skill is an instruction-only wrapper around the mcporter CLI. It requires the mcporter binary and provides an npm-based install for the mcporter package — these align with the stated purpose of listing, configuring, auth'ing, and calling MCP servers/tools.
Instruction Scope
SKILL.md instructs the agent to run mcporter commands (list, call, auth, daemon, generate, etc.) and references the mcporter config path (./config/mcporter.json). This is expected, but mcporter can execute arbitrary local stdio commands and call arbitrary URLs (e.g., `--stdio "bun run ./server.ts"` and full-URL calls). Those capabilities are inherent to the CLI and not incoherent, but they are powerful and capable of executing local code or contacting external endpoints — the skill includes explicit guardrails about not exfiltrating outputs or passing secrets in arguments.
Install Mechanism
Install spec uses a Node (npm) package named 'mcporter' which will install a binary named mcporter. npm installs are traceable but can contain arbitrary code; no direct downloads from unknown URLs or archives are specified. Verify the npm package publisher before installing.
Credentials
The skill does not request environment variables, credentials, or access to other skills' configuration. It documents mcporter's own config path and auth workflow (which will manage credentials locally), but does not demand unrelated secrets.
Persistence & Privilege
The skill is not marked always:true, doesn't request elevated persistence, and is instruction-only. Autonomous invocation is allowed (platform default) but not combined with other concerning privileges.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install mcporter-hardened
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /mcporter-hardened 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
mcporter-hardened 1.0.0 - Initial release of mcporter-hardened skill. - Enables listing, configuring, authenticating, and calling MCP servers/tools via the mcporter CLI. - Supports flexible usage with HTTP, stdio, ad-hoc servers, config edits, and code generation. - Security guardrails applied: limits schema enumeration, restricts sensitive outputs, and provides safeguards against transmitting secrets or performing destructive actions without confirmation.
元数据
Slug mcporter-hardened
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Mcporter Hardened 是什么?

Use the mcporter CLI to list, configure, auth, and call MCP servers/tools directly (HTTP or stdio), including ad-hoc servers, config edits, and CLI/type gene... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 46 次。

如何安装 Mcporter Hardened?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install mcporter-hardened」即可一键安装,无需额外配置。

Mcporter Hardened 是免费的吗?

是的,Mcporter Hardened 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Mcporter Hardened 支持哪些平台?

Mcporter Hardened 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Mcporter Hardened?

由 Faberlens(@snazar-faberlens)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463368 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259467 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200457 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191163 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190189 · by oswalpalash

💬 留言讨论