security
Security
Every MCP risk signal in one place — CVEs, tool safety, drift, naming, licenses. Heuristic: review signals, not verdicts.
45 CRITICAL
3646 HIGH
531 MEDIUM
1205 LOW
11 NONE
Static code-analysis findings — hidden prompt content in shipped skill files, committed secrets, dynamic-exec sinks, and suspicious call-home endpoints — across the analyzed catalogue. Heuristic, pure, no code executed; every row deep-links to its source. Click a kind to filter.
6143 analyzed
299 re-analysis due
1436 not analyzable
9393 not yet analyzed
707 source gone
Running analyzer v17. The scanner changelog explains what each version detects and when it changed.
- hidden prompt78
- committed secret181
- dynamic exec368
- suspicious endpoint164
- token-log85
- oauth-scope107
- skill-script50
- ide-extension2
- skill file11156
- LOW token-logtask-master-aicredential in log
Context:`)),t.orgName&&console.log(B.gray(` Organization: ${t.orgName}`)),t.briefName&&console.log(B.gray(` Brief: ${t.briefName}`))),{success:!0,action:`status`,credentials:{token:e?.access_tok - LOW skill-scriptclaude-memsuspicious bundled script
if ! curl -fsSL https://bun.sh/install | bash; then - MEDIUM suspicious endpointclaude-memapi.telegram.org
const response = await fetch(`https://api.telegram.org/bot${botToken}/sendMessage`, { - LOW token-log@bike4mind/clicredential in log
console.log(`Expires: ${new Date(authTokens.expiresAt).toLocaleString()}`); - HIGH dynamic execopenapi-mcp-generatoreval()
const zodSchema = eval(zodSchemaString); - HIGH hidden promptclaude-flowskill: skill-exfil
secret→sink: # Send to DataDog - MEDIUM suspicious endpointmneme-aiapi.telegram.org
const tgReach = tgCfg ? await ping(`https://api.telegram.org/bot${tgCfg.token}/getMe`) : null; - HIGH dynamic execfigma-console-mcpeval()
codePromise = eval(wrappedCode); - HIGH dynamic exec@shopify/dev-mcpnew Function()
const H = new Function(`${r.default.self}`, `${r.default.scope}`, Z)(this, this.scope.get()); - HIGH dynamic exec@payloadcms/plugin-mcpnew Function()
return new Function('z', `return ${transpileResult.outputText}`)(z) - HIGH dynamic exec@payloadcms/plugin-mcpnew Function()
return new Function('z', `return ${transpileResult.outputText}`)(z); - HIGH dynamic execgitnexusvm exec
cachedGc = vm.runInNewContext('gc'); - MEDIUM suspicious endpointWayforthOfficial/wayforthdiscord.com
svc("Discord Webhooks", "discord_webhooks", "https://discord.com/api/webhooks", "communication", - HIGH hidden prompt@claude-flow/cliskill: skill-exfil
secret→sink: # Send to DataDog - HIGH dynamic execagentic-flownew Function()
const ret = new Function(getStringFromWasm0(arg0, arg1));