ClawHubCN
@steipete

Mcporter

Use the mcporter CLI to list, configure, auth, and call MCP servers/tools directly (HTTP or stdio), including ad-hoc servers, config edits, and CLI/type generation.

Mirror download
Current version
v1.0.0
171 5.5万All installs 1,859
READMEFilesVersionsCompare

name: mcporter description: Use the mcporter CLI to list, configure, auth, and call MCP servers/tools directly (HTTP or stdio), including ad-hoc servers, config edits, and CLI/type generation. homepage: http://mcporter.dev metadata: {"clawdbot":{"emoji":"📦","requires":{"bins":["mcporter"]},"install":[{"id":"node","kind":"node","package":"mcporter","bins":["mcporter"],"label":"Install mcporter (node)"}]}}

mcporter

Use mcporter to work with MCP servers directly.

Quick start

  • mcporter list
  • mcporter list <server> --schema
  • mcporter call <server.tool> key=value

Call tools

  • Selector: mcporter call linear.list_issues team=ENG limit:5
  • Function syntax: mcporter call "linear.create_issue(title: \"Bug\")"
  • Full URL: mcporter call https://api.example.com/mcp.fetch url:https://example.com
  • Stdio: mcporter call --stdio "bun run ./server.ts" scrape url=https://example.com
  • JSON payload: mcporter call <server.tool> --args '{"limit":5}'

Auth + config

  • OAuth: mcporter auth <server | url> [--reset]
  • Config: mcporter config list|get|add|remove|import|login|logout

Daemon

  • mcporter daemon start|status|stop|restart

Codegen

  • CLI: mcporter generate-cli --server <name> or --command <url>
  • Inspect: mcporter inspect-cli <path> [--json]
  • TS: mcporter emit-ts <server> --mode client|types

Notes

  • Config default: ./config/mcporter.json (override with --config).
  • Prefer --output json for machine-readable results.

Security Scan

Status

suspicious

Open VirusTotal

OpenClaw

gpt-5-mini

suspicious

OpenClaw analysis

The SKILL.md aligns with a CLI-focused skill (mcporter) but it contains metadata/install instructions that conflict with the registry record and the runtime instructions allow executing arbitrary stdio commands and storing auth in a local config — review before installing or granting it access.

Confidence: medium

VirusTotal

Type: OpenClaw Skill Name: mcporter Version: 1.0.0 The skill is classified as suspicious due to its broad capabilities, particularly the explicit instruction for `mcporter call --stdio "bun run ./server.ts"` in `SKILL.md`. This demonstrates and enables the execution of arbitrary commands, which is a significant security risk, even though the example command itself is benign. Additionally, the skill allows for arbitrary HTTP calls (`mcporter call <url>`), configuration edits, and daemon management, granting extensive system and network access. While these capabilities might be plausible for the stated purpose of a CLI tool, they represent high-risk behaviors without clear malicious intent from the skill bundle itself.

Metadata

  • Owner: @steipete
  • Created: 2026/01/04
  • Updated: 2026/04/14
  • Versions: 1
  • Comments: 1
  • Scan checked at: 2026/02/11

Runtime

No runtime requirements are exposed in the official public payload.