AGENTSCORE-2026-0064
MCP package: infrawise
Published 6/17/2026 · 0.10.3 → 0.12.4
infrawise updated from 0.10.3 to 0.12.4. Score changed 90/100 to 85/100 (-5). Risk: LOW to LOW. 2 findings.
90 → 85
Score
LOW → LOW
Risk
ALLOW
Verdict
Findings
- medium excessive_dependencies: Package has 28 runtime dependencies (high attack surface)
- low command_injection: Potential command injection: shell execution with template literal input (downgraded — mitigators detected in scope: sanitizer:path.join)