📚 resourceActiveExperimentalmedium

mcp2cli

Turn any MCP, OpenAPI, or GraphQL server into a CLI — at runtime, with zero codegen

Stars

2.2k

Skill Type

📖 Library & API Reference

Quality Score

55/200

License

MIT

Forks

154

Last Updated

Jun 11, 2026

Discovered

Apr 6, 2026

Validation

Passed

github.com/knowsuchagency/mcp2cli

Quality Breakdown

55/ 200

Content Signals

○Gotchas/Edge Cases+40

○Progressive Disclosure+30

○Trigger Description+20

○Verification/Safety+20

✓Code Examples+15

○Composability+15

Repo Health

✓Recent Activity+15

○Scripts/Automation+10

✓Real Usage (Issues)+10

✓Single Responsibility+10

○Config/Persistence+10

✓Install Instructions+5

Multi-platform bonus: +5 pts if tool supports 2+ platforms. Score derived from 12 structural signals — not stars or popularity.

medium

Requires extended permissions (shell access, subagents). Review before use.

Active

Updated within the last 90 days. Actively maintained.

Unverified skill. Always review source code before installing any skill from an unknown author.

Executes arbitrary remote code at runtime: connects to external MCP servers, OpenAPI specs, and GraphQL endpoints without validation or sandboxing
Network-based code execution: fetches and executes tool definitions from untrusted remote servers specified via CLI arguments
CLI argument injection risk: --mcp, --spec, --graphql parameters accept arbitrary URLs that are then executed/connected to
OAuth credential handling: implements OAuth flows which could be exploited to capture or misuse credentials
Dynamic tool invocation: runs tools/queries from remote definitions without static analysis or approval gates
No apparent input validation on remote endpoints before execution