40Medium
The skill poses a security risk by accessing sensitive environment variables and fails to adhere to naming and licensing standards.
Skill Info
Nameanthropics/claude-code/mcp-integration
Registrygithub
Versionc487902a53fc
PURLpkg:github/anthropics/claude-code@c487902a53fc?skill=mcp-integration
Stars133,398
Installs11,100
Source
Install
This skill has findings worth reviewing before installing.
GitHub
11,100 installs
Skills.shDocs
npx skills add https://github.com/anthropics/claude-codeAssessments (2)
AI Agent Traps ↗Access to sensitive environment variables detectedmediumcredential theftAML.T0055AML.T0037LLM02:2025
Access to sensitive environment variables detected
100% confidenceline 282
${API_KEY}Invalid skill name formatlowpolicy violation
Skill name should be lowercase alphanumeric with hyphens (e.g., 'my-skill').
100% confidence
MCP Integration
Missing licenseinfopolicy violation
Skill does not specify a license field. Specifying a license helps users understand usage terms.
100% confidence
Badge
Markdown
[](https://mondoo.com/ai-agent-security/skills/github/anthropics/claude-code/mcp-integration)HTML
<a href="https://mondoo.com/ai-agent-security/skills/github/anthropics/claude-code/mcp-integration"><img src="https://mondoo.com/ai-agent-security/api/badge/github/anthropics/claude-code/mcp-integration.svg" alt="Mondoo Skill Check" /></a>Image URL
https://mondoo.com/ai-agent-security/api/badge/github/anthropics/claude-code/mcp-integration.svgSecure your AI agents
Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.
- Continuous scanning of skills across all registries
- Policy enforcement before skills reach your agents
- Integration with your existing security workflow