high

AGENTSCORE-2026-0035

Name: AgentScore MCP Package Security Scan Dataset
Creator: AgentScore

MCP package: safari-mcp

Published 5/14/2026 · 2.10.8 → 2.10.9

safari-mcp updated from 2.10.8 to 2.10.9. Score changed 70/100 to 50/100 (-20). Risk: MODERATE to ELEVATED. 4 findings.

70 → 50

Score

MODERATE → ELEVATED

Risk

WARN

Verdict

Findings

low install_script: Package has 'postinstall' script: node scripts/postinstall.cjs || true
high command_injection: Potential command injection: shell execution with template literal input
high unsafe_eval: Uses eval() with dynamic input
low no_provenance: Package is not published with provenance attestations or trusted publishing. Published by: achiya