AGENTSCORE-2026-0080
MCP package: code-auditor-mcp
Published 7/18/2026 · 2.6.2 → 3.0.0
code-auditor-mcp updated from 2.6.2 to 3.0.0. Score changed 95/100 to 90/100 (-5). Risk: LOW to LOW. 2 findings.
95 → 90
Score
LOW → LOW
Risk
ALLOW
Verdict
Findings
- low command_injection: Potential command injection: shell execution with template literal input (downgraded — mitigators detected in scope: sanitizer:path.resolve, sanitizer:${handoffRemaining.length})
- low no_provenance: Package is not published with provenance attestations or trusted publishing. Published by: bhammond