github analyzed 4feccf8

sahiloj/MCPScan

Offensive MCP server auditor — detects tool poisoning, credential leaks, RCE vectors, SSRF, session hijacking, and supply chain vulnerabilities across stdio, HTTP, and SSE transports.

maintainer: sahiloj
license: MIT
first seen: 2026-06-01
last seen: 2026-06-04
releases · 30d: 0
short id

Drift inferred · capture-to-capture

HIGH 2026-06-14 code analysis flagged dynamic code execution ×2 in sahiloj/MCPScan

capabilities0 tools

transport stdio · streamable-http counts 0 tools · 0 res · 0 prompts permission surface via code analysis

no tools enumerated yet for this server.

skills & danger signalsgithub-tarball

prompt-surface shipped agent-instruction files + hidden-content / dangerous-code findings — quoted from the analyzed source

analyzed commit 4feccf8 · analyzer v17 · 3h ago

danger signals2

dynamic code executioneval()sahiloj-MCPScan-4feccf8/src/checks/overprivileged.ts:21'code-eval': /\b(?:eval(?:uate)?|interpret|execut(?:e|ing)\s+code|run\s+(?:code|script)|sandbox|repl|compile)\b/i,
dynamic code executioneval()sahiloj-MCPScan-4feccf8/src/checks/rce-vectors.ts:16/eval(?:uate)?s?\s+(?:arbitrary\s+)?(?:code|expression|javascript|python|ruby)/i,

code evidencevv0.1.0 · github-tarball

evidence-backed findings quoted directly from the published source artifact — not inferred

filesystem 2

fs sahiloj-MCPScan-4feccf8/src/checks/supply-chain.ts :1 import fs from 'node:fs/promises';
fs sahiloj-MCPScan-4feccf8/src/discovery/config-reader.ts :1 import fs from 'node:fs/promises';

shell / exec 4

shell sahiloj-MCPScan-4feccf8/src/checks/overprivileged.ts :17 'shell-exec': /\b(?:exec(?:ute)?|shell|bash|sh|zsh|cmd|powershell|spawn|subprocess|popen|system\s*call)\b/i,
shell sahiloj-MCPScan-4feccf8/src/checks/rce-vectors.ts :15 /spawn(?:s|ing)?\s+(?:a\s+)?(?:process|subprocess|child\s+process)/i,
shell sahiloj-MCPScan-4feccf8/src/checks/supply-chain.ts :136 const { execSync } = await import('node:child_process');
shell sahiloj-MCPScan-4feccf8/src/scanner.ts :2 import { execSync } from 'node:child_process';

network 3

net sahiloj-MCPScan-4feccf8/src/checks/ssrf.ts :14 const FETCH_DESCRIPTION_RE = /\b(?:fetch(?:es)?|request(?:s)?|download(?:s)?|retriev(?:e|es)|call(?:s)?\s+(?:a|an|the)?\s*(?:url|api|endpoint|webhook)|send(?:s)?\s+(?:a|an|the)?\s*(?:http|request)|scr
net sahiloj-MCPScan-4feccf8/src/discovery/network-scan.ts :20 const response = await fetch(url, {
net sahiloj-MCPScan-4feccf8/src/transport/http-client.ts :21 const response = await fetch(input, {

declared dependencies 11

@modelcontextprotocol/sdk@^1.12.0
boxen@^8.0.1
chalk@^5.4.1
commander@^14.0.0
ora@^8.2.0
semver@^7.7.1
zod@^3.25.0
@types/node@^22.0.0
@types/semver@^7.5.0
tsx@^4.19.0
typescript@^5.7.0