{"generated_at":"2026-05-29T07:18:25.409Z","report_title":"State of MCP Package Security: April 2026","monitoring":{"packages_monitored":1465,"scans_total":22396,"latest_watch_update_at":"2026-05-29T07:18:07.484+00:00","scanner_version":"2.1"},"scores":{"sample_size":1000,"mean":92.2,"median":95,"distribution":{"90-100":787,"80-89":146,"70-79":44,"60-69":19,"50-59":3,"40-49":1,"30-39":0,"20-29":0,"10-19":0,"0-9":0},"bucket_order":["90-100","80-89","70-79","60-69","50-59","40-49","30-39","20-29","10-19","0-9"]},"risk":{"distribution":{"LOW":917,"MODERATE":60,"ELEVATED":22,"HIGH":1,"CRITICAL":0},"order":["LOW","MODERATE","ELEVATED","HIGH","CRITICAL"]},"findings":{"sample_size":500,"scans_in_sample_with_findings":394,"scans_in_sample_without_findings":106,"total_in_sample":581,"by_type":{"no_provenance":367,"command_injection":79,"install_script":59,"no_repository":48,"excessive_dependencies":13,"unsafe_eval":6,"no_license":5,"hardcoded_secret":3,"sensitive_file_access":1},"by_severity":{"critical":2,"high":39,"medium":62,"low":478}},"capabilities":{"sample_size":573,"by_type":{"unknown":546,"search_index":307,"database_access":192,"network_egress":190,"email_messaging":148,"secrets_access":135,"filesystem_read":110,"memory_state":90,"browser_automation":84,"repo_read":76,"cloud_infra":73,"filesystem_write":61,"shell_exec":25,"repo_write":17,"code_analysis":17}},"install_scripts":{"sample_size":829,"present":65,"absent":764,"rate":0.078},"advisories":{"total":58,"by_severity":{"critical":2,"high":36,"medium":0,"low":20},"recent":[{"package":"@diagrammo/dgmo-mcp","severity":"low","published_at":"2026-05-21T02:18:09.61914+00:00"},{"package":"beluz-qa","severity":"low","published_at":"2026-05-22T20:06:10.224277+00:00"},{"package":"@socialneuron/mcp-server","severity":"low","published_at":"2026-05-22T21:24:09.982865+00:00"},{"package":"hemmabo-mcp-server","severity":"low","published_at":"2026-05-23T00:40:18.212442+00:00"},{"package":"chrome-devtools-mcp","severity":"high",
"published_at":"2026-05-23T02:10:17.953609+00:00"},{"package":"@axon-trading/mcp","severity":"low","published_at":"2026-05-25T00:00:37.481338+00:00"},{"package":"safari-mcp","severity":"high","published_at":"2026-05-26T17:12:09.091835+00:00"},{"package":"zentric-protocol-mcp","severity":"critical","published_at":"2026-05-26T18:56:09.588071+00:00"},{"package":"codeloop-mcp-server","severity":"high","published_at":"2026-05-26T20:50:19.159567+00:00"},{"package":"vidlens-mcp","severity":"high","published_at":"2026-05-28T14:28:09.785717+00:00"}]},"lowest_scoring_packages":[{"package":"@stackmemoryai/stackmemory","score":40,"risk":"HIGH","version":"1.12.0"},{"package":"fa-mcp-sdk","score":45,"risk":"HIGH","version":"0.4.142"},{"package":"mneme-ai","score":50,"risk":"ELEVATED","version":"2.89.0"},{"package":"brave-real-browser-mcp-server","score":50,"risk":"ELEVATED","version":"2.45.29"},{"package":"@mcp-guardian/server","score":55,"risk":"ELEVATED","version":"3.2.4"},{"package":"vidlens-mcp","score":55,"risk":"ELEVATED","version":"1.3.0"},{"package":"memoir-cli","score":55,"risk":"ELEVATED","version":"3.6.1"},{"package":"pythia-lcs","score":55,"risk":"ELEVATED","version":"3.1.0"},{"package":"perp-cli","score":55,"risk":"ELEVATED","version":"0.12.17"},{"package":"agentic-flow","score":60,"risk":"ELEVATED","version":"2.0.13"}],"notes":{"findings_sample":"Findings aggregates reflect the most recent 500 scans rather than all scans on record, to avoid double-counting repeat scans of the same package.","severity_downgrade":"Severity values are reported after the scanner v2.1 context-aware downgrade: a finding flagged by regex that has a detected sanitizer wrapper or test-fixture context nearby is reduced in severity and given an explicit annotation.","capability_sample":"Capability counts reflect packages that have capability analysis populated on their most recent scan. Older monitored packages may not have this field yet."}}