AGENTSCORE-2026-0014
MCP package: aidex-mcp
Published 4/25/2026 · 1.17.1 → 1.18.0
aidex-mcp updated from 1.17.1 to 1.18.0. Score changed 70/100 to 60/100 (-10). Risk: MODERATE to ELEVATED. 4 findings.
70 → 60
Score
MODERATE → ELEVATED
Risk
WARN
Verdict
Findings
- low install_script: Package has 'postinstall' script: node scripts/postinstall.mjs
- medium excessive_dependencies: Package has 21 runtime dependencies (high attack surface)
- high command_injection: Potential command injection: shell execution with template literal input
- low no_provenance: Package is not published with provenance attestations or trusted publishing. Published by: uchalas