AGENTSCORE-2026-0039
MCP package: openchrome-mcp
Published 5/16/2026 · 1.10.4 → 1.12.2
openchrome-mcp updated from 1.10.4 to 1.12.2. Score changed 75/100 to 55/100 (-20). Risk: MODERATE to ELEVATED. 3 findings.
75 → 55
Score
MODERATE → ELEVATED
Risk
WARN
Verdict
Findings
- high command_injection: Potential command injection: shell execution with template literal input
- high unsafe_eval: Uses eval() with dynamic input
- low no_provenance: Package is not published with provenance attestations or trusted publishing. Published by: shaun0927