AGENTSCORE-2026-0038
MCP package: @unerr-ai/unerr
Published 5/15/2026 · 0.1.0 → 0.1.1
@unerr-ai/unerr updated from 0.1.0 to 0.1.1. Score changed 55/100 to 50/100 (-5). Risk: ELEVATED to ELEVATED. 5 findings.
55 → 50
Score
ELEVATED → ELEVATED
Risk
WARN
Verdict
Findings
- low install_script: Package has 'postinstall' script: node scripts/postinstall.mjs || true
- medium excessive_dependencies: Package has 45 runtime dependencies (high attack surface)
- medium no_repository: Package has no repository link — source code is not verifiable
- high command_injection: Potential command injection: shell execution with template literal input
- low no_provenance: Package is not published with provenance attestations or trusted publishing. Published by: jaswanth-unerr