skillz
Verified Safeby mugoherick12-boop
Overview
Serves structured 'skills' and their associated resources via the MCP protocol, enabling AI clients (especially non-Claude ones) to interact with and utilize Anthropic-style functionalities.
Installation
skillzSecurity Notes
The server exposes a `fetch_resource` tool that allows clients to retrieve files associated with skills. It includes explicit and robust path traversal checks (`'..' in rel_path_str` and `rel_path_str.startswith('/')`) to prevent unauthorized file access outside of skill directories. Content is correctly handled, either decoded as UTF-8 text or base64-encoded for binary data. No `eval` or code obfuscation patterns were identified. The primary risk would stem from malicious content within the loaded skill files themselves, which the server serves; however, the server's role is primarily to deliver this content securely.
Similar Servers
skillz
Acts as an MCP server to expose Claude-style skills and their resources as callable tools for AI agents.
Delphi-MCP-Server
Implements the Model Context Protocol (MCP) in Delphi to enable AI-powered development workflows and integrate with clients like Claude Code.
agentx
A unified CLI tool for managing MCP (Model Context Protocol) servers and skills across multiple AI coding agents like Claude Code, Codex, Cursor, Gemini CLI, and OpenCode.
skrills
A versatile tool to manage, validate, analyze, and synchronize AI skills and agent configurations for Claude Code and Codex CLI, running as an MCP server.