Skill of Skills
⌨️ cli toolActiveCuratedmedium

mcpm.sh

by pathintegral-institute

CLI MCP package manager & registry for all platforms and all clients. Search & configure MCP servers. Advanced Router & Profile features.

Stars

968

Skill Type

📖 Library & API Reference

Quality Score

121/200

License

MIT

Forks

106

Last Updated

Jun 11, 2026

Discovered

Mar 27, 2026

Validation

Passed

github.com/pathintegral-institute/mcpm.sh

Quality Breakdown

121/ 200

Content Signals

Gotchas/Edge Cases+40
Progressive Disclosure+30
Trigger Description+20
Verification/Safety+20
Code Examples+15
Composability+15

Repo Health

Recent Activity+15
Scripts/Automation+10
Real Usage (Issues)+10
Single Responsibility+10
Config/Persistence+10
Install Instructions+5

Multi-platform bonus: +5 pts if tool supports 2+ platforms. Score derived from 12 structural signals — not stars or popularity.

Trust & Verification

medium

Requires extended permissions (shell access, subagents). Review before use.

Active

Updated within the last 90 days. Actively maintained.

Unverified skill. Always review source code before installing any skill from an unknown author.

Risk Assessment

  • Repository contains shell scripts (mcpm.sh, bump_version.sh, dev.sh) that could execute arbitrary code
  • Presence of CLAUDE.md suggests persistent AI agent configuration and memory modification
  • GitHub workflows (.github/workflows/) with deploy.yml and semantic-release.yml indicate automated deployment capabilities
  • Package manager tool that installs and executes MCP servers from external sources (mcp-registry), creating supply chain risk
  • Large registry of external MCP server configurations (500+ JSON files) sourced from untrusted third parties
  • Dockerfile configurations for frpc/frps tunneling services suggest network/remote execution capabilities