
mcpb

Verified Safe

by modelcontextprotocol

Overview

This repository provides a CLI tool and library for building, validating, packing, signing, and verifying MCP (Model Context Protocol) Bundles, which are zip archives containing local MCP servers and their metadata for distribution.

Installation

Run Command
mcpb --help

Security Notes

The CLI tool itself appears generally safe to run: it performs standard file system operations and includes zip slip prevention when unpacking bundles. Cryptographic signing uses `node-forge` and relies on external OS tools (`openssl`, `security`, `powershell.exe`) for certificate chain validation. `execSync` is used only to generate self-signed certificates in an optional developer utility with controlled inputs. The main security consideration for the ecosystem is that the `mcp_config` field in the manifest lets extension developers specify arbitrary commands and arguments, including variable substitutions; a malicious extension could craft dangerous commands that the host application (e.g., Claude Desktop) would then execute. This is a host-side concern rather than a direct vulnerability in the `mcpb` tool itself: any host application that consumes MCPB files from untrusted sources needs robust sandboxing and validation of the commands a manifest declares.

Stats

Interest Score: 100
Security Score: 8
Cost Class: Low
Stars: 1655
Forks: 155
Last Update: 2026-01-12

Tags

MCP, Bundling, CLI, Manifest, Signing