← Back to search network filesystem shell env_vars
@ampersend_ai/modelcontextprotocol-sdk
Model Context Protocol implementation for TypeScript
C
71.7 / 100
Versions
1.0.0 latest May 20, 2026
Tools 1
greet unchecked low
A simple greeting tool
name string
Permissions 4
network medium filesystem low shell high env_vars low Scan Findings 35
info
package.json metadata
info
Tool: greet
info
Transport: stdio
info
Required env vars (3)
low
Tool 'greet' has no annotations
high
Hardcoded OAuth client ID in src/integration-tests/taskResumability.test.ts
high
Hardcoded OAuth client secret in src/server/auth/router.test.ts
high
Hardcoded OAuth client ID in src/server/auth/middleware/clientAuth.test.ts
high
Hardcoded OAuth client secret in src/server/auth/middleware/clientAuth.test.ts
high
Hardcoded OAuth client secret in src/server/auth/providers/proxyProvider.test.ts
high
Hardcoded OAuth client ID in src/server/auth/handlers/authorize.test.ts
high
Hardcoded OAuth client secret in src/server/auth/handlers/authorize.test.ts
high
Hardcoded OAuth client secret in src/server/auth/handlers/token.test.ts
high
Hardcoded OAuth client secret in src/server/auth/handlers/revoke.test.ts
high
Hardcoded OAuth client secret in src/examples/server/demoInMemoryOAuthProvider.test.ts
high
Hardcoded OAuth client secret in src/client/auth.test.ts
high
Hardcoded OAuth client secret in src/client/streamableHttp.test.ts
high
Hardcoded OAuth client secret in src/client/sse.test.ts
medium
Permission: network access detected
low
Permission: filesystem access detected
high
Permission: shell access detected
low
Permission: env_vars access detected
medium
Vulnerable dependency: ajv@6.12.6 (GHSA-2g4f-4pwh-qvx6)
medium
Vulnerable dependency: ws@8.18.0 (GHSA-58qx-3vcg-4xpx)
info
SLSA Build Level 3 detected
medium
Hardcoded OAuth client ID in src/integration-tests/taskResumability.test.ts
medium
Hardcoded OAuth client ID in src/server/auth/middleware/clientAuth.test.ts
medium
Hardcoded OAuth client ID in src/server/auth/handlers/authorize.test.ts
high
Deprecated implicit grant flow in src/server/auth/handlers/authorize.test.ts
high
High-risk OAuth scope: admin
info
Scanner output_poisoning failed
info
Scanner behavioral_verifier failed
info
SBOM generated: 510 components
info
MITRE ATLAS technique coverage summary
info
ATLAS: Adversarial ML Supply Chain (AML.T0043)