@mcpskillsio/server 2.4.1 → 2.4.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/index.js +4 -4
- package/package.json +1 -1
package/index.js
CHANGED
|
@@ -225,7 +225,7 @@ function formatAgentResponse(data) {
|
|
|
225
225
|
lines.push('🏅 Certified Safe by MCP Skills');
|
|
226
226
|
}
|
|
227
227
|
|
|
228
|
-
lines.push('', 'Set MCPSKILLS_API_KEY for full
|
|
228
|
+
lines.push('', 'Set MCPSKILLS_API_KEY for the full signal breakdown (13 standard / 15 Skills Mode).');
|
|
229
229
|
|
|
230
230
|
return lines.join('\n');
|
|
231
231
|
}
|
|
@@ -396,7 +396,7 @@ function formatSafetyResult(data) {
|
|
|
396
396
|
const server = new Server(
|
|
397
397
|
{
|
|
398
398
|
name: "mcpskills",
|
|
399
|
-
version: "2.4.
|
|
399
|
+
version: "2.4.2",
|
|
400
400
|
},
|
|
401
401
|
{
|
|
402
402
|
capabilities: {
|
|
@@ -428,7 +428,7 @@ server.setRequestHandler(ListToolsRequestSchema, async () => {
|
|
|
428
428
|
{
|
|
429
429
|
name: "scan_safety",
|
|
430
430
|
description:
|
|
431
|
-
"Run a focused safety scan on an AI skill or MCP server. Checks for prompt injection, shell execution, network exfiltration, credential theft,
|
|
431
|
+
"Run a focused safety scan on an AI skill or MCP server. Checks for prompt injection, shell execution, network exfiltration, credential theft, obfuscated payloads, public network binding (0.0.0.0), and risky npm lifecycle scripts (preinstall/install/postinstall). Accepts any input format (owner/repo, npm package, Smithery URL, etc.).",
|
|
432
432
|
inputSchema: {
|
|
433
433
|
type: "object",
|
|
434
434
|
properties: {
|
|
@@ -1071,7 +1071,7 @@ server.setRequestHandler(CallToolRequestSchema, async (request) => {
|
|
|
1071
1071
|
lines.push(`Full signal breakdown available for each tool via check_trust_score.`);
|
|
1072
1072
|
} else {
|
|
1073
1073
|
lines.push(`---`);
|
|
1074
|
-
lines.push(`Set MCPSKILLS_API_KEY for full
|
|
1074
|
+
lines.push(`Set MCPSKILLS_API_KEY for full reports on each tool (13 standard / 15 Skills Mode).`);
|
|
1075
1075
|
lines.push(`Get a key at https://mcpskills.io`);
|
|
1076
1076
|
}
|
|
1077
1077
|
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@mcpskillsio/server",
|
|
3
|
-
"version": "2.4.
|
|
3
|
+
"version": "2.4.2",
|
|
4
4
|
"description": "Trust-score any AI skill or MCP server from inside Claude Code, Cursor, or any MCP client. Accepts GitHub repos, npm packages, Smithery URLs, and OpenClaw skills. 15 signals (incl. OSV/KEV/EPSS vulnerability intelligence), safety scanning, OpenClaw frontmatter parsing + transparency scoring, recommendations, badges, monitoring, batch checking, auto-gate decisions, and stack building from live trust data.",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "index.js",
|