MCP Observatory
security

Security

Every MCP risk signal in one place — CVEs, tool safety, drift, naming, licenses. Heuristic: review signals, not verdicts.

Static code-analysis findings — hidden prompt content in shipped skill files, committed secrets, dynamic-exec sinks, and suspicious call-home endpoints — across the analyzed catalogue. Heuristic, pure, no code executed; every row deep-links to its source. Click a kind to filter.

analysis coverage38% of 17283 analyzable servers
6275 analyzed
297 re-analysis due
1444 not analyzable
9267 not yet analyzed
711 source gone

Running analyzer v17. The scanner changelog explains what each version detects and when it changed.

committed secrets
  1. haymon-ai/dbmcp 8
  2. @mcp-guardian/server 7
  3. firerpa/lamda 6
  4. jeecgboot/JeecgBoot 6
  5. Aganium/agenium 5
dynamic-exec sinks
  1. 53AI/53AIHub 17
  2. koreainvestment/open-trading-api 13
  3. KevinRabun/judges 10
  4. ruvnet/sublinear-time-solver 10
  5. gnh1201/welsonjs 8
suspicious endpoints
  1. Coff0xc/AutoRedTeam-Orchestrator 13
  2. nirholas/cryptocurrency.cv 10
  3. @mcp-guardian/server 8
  4. manthanghasadiya/mcpsec 8
  5. vbcherepanov/total-agent-memory 8
credentials in logs
  1. gnh1201/welsonjs 4
  2. MCFLAMINGO/gsb-swarm 3
  3. flow-nexus 3
  4. Gammell53/clawwork-mcp 2
  5. Hekkova/hekkova-mcp 2
over-broad OAuth scopes
  1. hith3sh/clawlink 7
  2. @a-bonus/google-docs-mcp 6
  3. gg-mcp 6
  4. juspay/neurolink 6
  5. sanjay3290/ai-skills 6
suspicious bundled scripts
  1. mukul975/Anthropic-Cybersecurity-Skills 36
  2. Leo-Atienza/atlas-claude 10
  3. loki-mode 4
  4. Createya-ai/createya-mcp 2
  5. IgorGanapolsky/mcp-memory-gateway 1
ships skill files
  1. ComposioHQ/awesome-claude-skills 200
  2. ecc-universal 193
  3. event4u-app/agent-config 190
  4. mukul975/Anthropic-Cybersecurity-Skills 184
  5. saajunaid/junai 183
  1. LOW skill-scriptsignetaisuspicious bundled scriptENCODED_QUERY=$(python3 -c "import urllib.parse,sys; print(urllib.parse.quote(sys.argv[1]))" "$QUERY")
    package/skills/web-search/scripts/web-search:94
  2. LOW skill-scriptaiwgsuspicious bundled scripteval "$(python3 -c "
    package/agentic/code/addons/aiwg-utils/skills/steward-prep-delivery/find-duplicates.sh:81
  3. LOW skill-scriptclaude-memsuspicious bundled scriptif ! curl -fsSL https://bun.sh/install | bash; then
    package/openclaw/install.sh:419
  4. LOW skill-scriptmouse114514/Xadeus-QQ-MCPsuspicious bundled scriptcurl -fsSL https://get.docker.com | sh
    mouse114514-Xadeus-QQ-MCP-bbe9d26/scripts/install-linux.sh:21
  5. LOW skill-scripthelius-labs/core-aisuspicious bundled scriptecho " curl -fsSL https://raw.githubusercontent.com/okx/onchainos-skills/main/install.sh | bash"
    helius-labs-core-ai-8ce8bf9/helius-skills/helius-okx/install.sh:78
  6. LOW skill-scriptloki-modesuspicious bundled scriptecho " curl -fsSL https://deno.land/install.sh | sh"
    package/autonomy/serve.sh:125
  7. LOW skill-scriptloki-modesuspicious bundled scriptlog_error " Linux: curl -fsSL https://get.docker.com | sh"
    package/autonomy/sandbox.sh:189
  8. LOW skill-scriptloki-modesuspicious bundled scripteval "$(_LOKI_SETTINGS_FILE="$settings_file" python3 -c "
    package/autonomy/run.sh:523
  9. LOW skill-scriptloki-modesuspicious bundled scriptecho " curl -fsSL https://bun.sh/install | bash # any platform" >&2
    package/autonomy/loki:7511
  10. LOW skill-scriptLeo-Atienza/atlas-claudesuspicious bundled scriptecho " Linux: curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash"
    Leo-Atienza-atlas-claude-06be497/skills/skills-archive/cc-devops/helm-validator/scripts/setup_tools.sh:89
  11. LOW skill-scriptLeo-Atienza/atlas-claudesuspicious bundled scriptcurl --proto '=https' --tlsv1.2 -sSf https://raw.githubusercontent.com/nektos/act/master/install.sh | bash -s -- -b "${TOOLS_DIR}"
    Leo-Atienza-atlas-claude-06be497/skills/skills-archive/cc-devops/github-actions-validator/scripts/install_tools.sh:49
  12. LOW skill-scriptLeo-Atienza/atlas-claudesuspicious bundled scriptCMD python -c "import urllib.request; urllib.request.urlopen('http://localhost:PORT_NUMBER/health').read()" || exit 1
    Leo-Atienza-atlas-claude-06be497/skills/skills-archive/cc-devops/dockerfile-generator/scripts/generate_python.sh:112
  13. LOW skill-scriptLeo-Atienza/atlas-claudesuspicious bundled scriptCMD node -e "require('http').get('http://localhost:PORT_NUMBER/health', (r) => {process.exit(r.statusCode === 200 ? 0 : 1)})" || exit 1
    Leo-Atienza-atlas-claude-06be497/skills/skills-archive/cc-devops/dockerfile-generator/scripts/generate_nodejs.sh:117
  14. LOW skill-scriptLeo-Atienza/atlas-claudesuspicious bundled script(re.compile(r'Invoke-WebRequest.*\|\s*(Invoke-Expression|iex)'), 'invoke-web-pipe-iex', 'Download and verify scripts before execution'),
    Leo-Atienza-atlas-claude-06be497/skills/skills-archive/cc-devops/azure-pipelines-validator/scripts/check_security.py:59
  15. LOW skill-scriptLeo-Atienza/atlas-claudesuspicious bundled scriptecho " Linux: curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash"
    Leo-Atienza-atlas-claude-06be497/skills/cc-devops/helm-validator/scripts/setup_tools.sh:89