AgentScore is for sale. View the assets and acquisition details →
AgentScoreMCP Security
high

AGENTSCORE-2026-0044

MCP package: beecork

Published 5/18/2026 · 1.4.91.7.0

beecork updated from 1.4.9 to 1.7.0. Score changed 75/100 to 70/100 (-5). Risk: MODERATE to MODERATE. 3 findings.

7570
Score
MODERATEMODERATE
Risk
WARN
Verdict

Findings

  • low install_script: Package has 'postinstall' script: node scripts/postinstall.mjs
  • high command_injection: Potential command injection: shell execution with template literal input
  • low no_provenance: Package is not published with provenance attestations or trusted publishing. Published by: lbakhia
Live report for beecorkHow scoring works