AGENTSCORE-2026-0072
MCP package: @firfi/huly-mcp
Published 6/30/2026 · 0.44.0 → 0.44.3
@firfi/huly-mcp updated from 0.44.0 to 0.44.3. Score changed from 90/100 to 80/100 (-10). Risk: LOW to MODERATE. 3 findings.
Score: 90 → 80
Risk: LOW → MODERATE
Verdict: ALLOW
Findings
- medium excessive_dependencies: Package has 21 runtime dependencies (high attack surface)
- low command_injection: Potential command injection: shell execution with template literal input (downgraded — mitigators detected in scope: sanitizer:.exec(` PRAGMA, sanitizer:db.exec()
- low no_provenance: Package is not published with provenance attestations or trusted publishing. Published by: firfi