← Back to search

@ampersend_ai/modelcontextprotocol-sdk

edgeandnode MIT Scanned 54d ago

Model Context Protocol implementation for TypeScript

C
71.7 / 100

Versions

1.0.0 latest
May 20, 2026
PermissionsTool SafetyAuthAnnotationsCode QualityStabilitySpecVuln HistoryAuthorTransparencyCommunity

Tools 1

greet
annotations: not checked low

A simple greeting tool

name string

Permissions 4

network medium
network
filesystem low
filesystem
shell high
shell
env_vars low
env_vars

Scan Findings 35

info
package.json metadata manifest_parser · 100%
info
Tool: greet manifest_parser · 70%
info
Transport: stdio manifest_parser · 90%
info
Required env vars (3) manifest_parser · 80%
low
Tool 'greet' has no annotations annotation_checker · 100%
high
Hardcoded OAuth client ID in src/integration-tests/taskResumability.test.ts auth_checker · 85%
high
Hardcoded OAuth client secret in src/server/auth/router.test.ts auth_checker · 95%
high
Hardcoded OAuth client ID in src/server/auth/middleware/clientAuth.test.ts auth_checker · 85%
high
Hardcoded OAuth client secret in src/server/auth/middleware/clientAuth.test.ts auth_checker · 95%
high
Hardcoded OAuth client secret in src/server/auth/providers/proxyProvider.test.ts auth_checker · 95%
high
Hardcoded OAuth client ID in src/server/auth/handlers/authorize.test.ts auth_checker · 85%
high
Hardcoded OAuth client secret in src/server/auth/handlers/authorize.test.ts auth_checker · 95%
high
Hardcoded OAuth client secret in src/server/auth/handlers/token.test.ts auth_checker · 95%
high
Hardcoded OAuth client secret in src/server/auth/handlers/revoke.test.ts auth_checker · 95%
high
Hardcoded OAuth client secret in src/examples/server/demoInMemoryOAuthProvider.test.ts auth_checker · 95%
high
Hardcoded OAuth client secret in src/client/auth.test.ts auth_checker · 95%
high
Hardcoded OAuth client secret in src/client/streamableHttp.test.ts auth_checker · 95%
high
Hardcoded OAuth client secret in src/client/sse.test.ts auth_checker · 95%
medium
Permission: network access detected permission_analyzer · 70%
low
Permission: filesystem access detected permission_analyzer · 90%
high
Permission: shell access detected permission_analyzer · 95%
low
Permission: env_vars access detected permission_analyzer · 90%
medium
Vulnerable dependency: ajv@6.12.6 (GHSA-2g4f-4pwh-qvx6) dependency_analyzer · 95%
medium
Vulnerable dependency: ws@8.18.0 (GHSA-58qx-3vcg-4xpx) dependency_analyzer · 95%
info
SLSA Build Level 3 detected slsa_assessor · 85%
medium
Hardcoded OAuth client ID in src/integration-tests/taskResumability.test.ts oauth_scope_analyzer · 80%
medium
Hardcoded OAuth client ID in src/server/auth/middleware/clientAuth.test.ts oauth_scope_analyzer · 80%
medium
Hardcoded OAuth client ID in src/server/auth/handlers/authorize.test.ts oauth_scope_analyzer · 80%
high
Deprecated implicit grant flow in src/server/auth/handlers/authorize.test.ts oauth_scope_analyzer · 85%
high
High-risk OAuth scope: admin oauth_scope_analyzer · 80%
info
Scanner output_poisoning failed output_poisoning · 50%
info
Scanner behavioral_verifier failed behavioral_verifier · 50%
info
SBOM generated: 510 components sbom_generator · 100%
info
MITRE ATLAS technique coverage summary atlas_annotator · 100%
info
ATLAS: Adversarial ML Supply Chain (AML.T0043) atlas_annotator · 100%