{"generated_at":"2026-05-17T07:07:15.138Z","report_title":"State of MCP Package Security: April 2026","monitoring":{"packages_monitored":1392,"scans_total":17635,"latest_watch_update_at":"2026-05-17T07:06:07.904+00:00","scanner_version":"2.1"},"scores":{"sample_size":1000,"mean":92.1,"median":95,"distribution":{"90-100":786,"80-89":131,"70-79":66,"60-69":12,"50-59":4,"40-49":1,"30-39":0,"20-29":0,"10-19":0,"0-9":0},"bucket_order":["90-100","80-89","70-79","60-69","50-59","40-49","30-39","20-29","10-19","0-9"]},"risk":{"distribution":{"LOW":899,"MODERATE":84,"ELEVATED":16,"HIGH":1,"CRITICAL":0},"order":["LOW","MODERATE","ELEVATED","HIGH","CRITICAL"]},"findings":{"sample_size":500,"scans_in_sample_with_findings":402,"scans_in_sample_without_findings":98,"total_in_sample":581,"by_type":{"no_provenance":381,"command_injection":78,"no_repository":54,"install_script":34,"excessive_dependencies":12,"unsafe_eval":9,"no_license":9,"sensitive_file_access":3,"prompt_injection_pattern":1},"by_severity":{"critical":1,"high":42,"medium":66,"low":472}},"capabilities":{"sample_size":581,"by_type":{"unknown":554,"search_index":330,"network_egress":198,"database_access":195,"email_messaging":155,"secrets_access":145,"filesystem_read":118,"memory_state":102,"browser_automation":85,"repo_read":77,"cloud_infra":76,"filesystem_write":68,"shell_exec":24,"repo_write":22,"code_analysis":15}},"install_scripts":{"sample_size":893,"present":61,"absent":832,"rate":0.068},"advisories":{"total":39,"by_severity":{"critical":1,"high":26,"medium":0,"low":12},"recent":[{"package":"browser-devtools-mcp","severity":"high","published_at":"2026-05-11T09:04:12.223845+00:00"},{"package":"@mcp-guardian/server","severity":"low","published_at":"2026-05-13T16:08:13.082508+00:00"},{"package":"ninja-terminals","severity":"high","published_at":"2026-05-13T22:10:17.361352+00:00"},{"package":"mcpbrowser","severity":"high","published_at":"2026-05-13T22:48:08.563352+00:00"},{"package":"@vibebrowser/mcp","severity":"l
ow","published_at":"2026-05-14T08:14:08.310444+00:00"},{"package":"safari-mcp","severity":"high","published_at":"2026-05-14T20:14:10.380175+00:00"},{"package":"novada-proxy-mcp","severity":"low","published_at":"2026-05-15T00:40:16.865289+00:00"},{"package":"@planu/cli","severity":"high","published_at":"2026-05-15T03:20:19.085451+00:00"},{"package":"@unerr-ai/unerr","severity":"high","published_at":"2026-05-15T07:04:16.097148+00:00"},{"package":"openchrome-mcp","severity":"high","published_at":"2026-05-16T00:00:37.074815+00:00"}]},"lowest_scoring_packages":[{"package":"fa-mcp-sdk","score":30,"risk":"HIGH","version":"0.4.95"},{"package":"@stackmemoryai/stackmemory","score":40,"risk":"HIGH","version":"1.12.0"},{"package":"@cachly-dev/mcp-server","score":50,"risk":"ELEVATED","version":"0.10.25"},{"package":"@unerr-ai/unerr","score":50,"risk":"ELEVATED","version":"0.1.6"},{"package":"brave-real-browser-mcp-server","score":50,"risk":"ELEVATED","version":"2.45.29"},{"package":"safari-mcp","score":50,"risk":"ELEVATED","version":"2.10.9"},{"package":"perp-cli","score":55,"risk":"ELEVATED","version":"0.12.17"},{"package":"pythia-lcs","score":55,"risk":"ELEVATED","version":"3.1.0"},{"package":"openchrome-mcp","score":55,"risk":"ELEVATED","version":"1.12.2"},{"package":"memoir-cli","score":55,"risk":"ELEVATED","version":"3.6.1"}],"notes":{"findings_sample":"Findings aggregates reflect the most recent 500 scans rather than all scans on record, to avoid double-counting repeat scans of the same package.","severity_downgrade":"Severity values reflect the scanner v2.1 context-aware downgrade: a finding flagged by regex is reduced in severity, with an explicit annotation, when a sanitizer wrapper or test-fixture context is detected nearby. The downgrade is a proximity heuristic, so a reduced severity does not by itself confirm that the flagged code is safe.","capability_sample":"Capability counts reflect packages that have capability analysis populated on their most recent scan. Older monitored packages may not have this field yet."}}