AGENTSCORE-2026-0031
MCP package: @mcp-guardian/server
Published 5/13/2026 · 2.3.12 → 2.3.14
@mcp-guardian/server updated from 2.3.12 to 2.3.14. Score changed 85/100 to 80/100 (-5). Risk: LOW to MODERATE. 3 findings.
Score: 85 → 80
Risk: LOW → MODERATE
Verdict: ALLOW
Findings
- medium excessive_dependencies: Package has 27 runtime dependencies (high attack surface)
- low command_injection: Potential command injection: shell execution with template literal input (downgraded — mitigators detected in scope: test_fixture:/prompt-injection-detector.js)
- low no_provenance: Package is not published with provenance attestations or trusted publishing. Published by: rudraneel93