AGENTSCORE-2026-0025
MCP package: prism-mcp-server
Published 5/6/2026 · 13.0.1 → 13.1.1
prism-mcp-server updated from 13.0.1 to 13.1.1. Score changed 85/100 to 65/100 (-20). Risk: LOW to ELEVATED. 3 findings. (Backfilled May 6 after monitor-cron-only detection.)
85 → 65
Score
LOW → ELEVATED
Risk
WARN
Verdict
Findings
- medium excessive_dependencies: Package has 23 runtime dependencies (high attack surface)
- high unsafe_eval: Uses eval() with dynamic input
- low no_provenance: Package is not published with provenance attestations or trusted publishing. Published by: dmitricostenco