← Back to search Server uses network capabilities via: fetch() Server uses filesystem capabilities via: fs, fs sync ops Server uses shell capabilities via: child_process, execSync(), spawn() Server uses env_vars capabilities via: process.env
smithery-ai/cli
MCP Registry ↗ npm
C
65.5 / 100
Versions
1.1.1 latest May 22, 2026
1.1.0 May 22, 2026
1.0.1 May 3, 2026
1.0.0 May 1, 2026
Tools 5
increment missing low
Test stateful behavior - should increment across calls
get_session_data missing low
Get accumulated session data
ping missing low
Simple ping tool
get_server_info missing low
Get server type info
get_config missing low
Returns the config passed to the server
Permissions 4
network medium filesystem low shell high env_vars low Scan Findings 62
info
package.json metadata
info
Tool: increment
info
Tool: get_session_data
info
Tool: ping
info
Tool: get_server_info
info
Tool: get_config
info
Transport: streamable-http
info
Required env vars (12)
low
Tool 'increment' has no annotations
low
Tool 'get_session_data' has no annotations
low
Tool 'ping' has no annotations
low
Tool 'get_server_info' has no annotations
low
Tool 'get_config' has no annotations
medium
OAuth implementation without PKCE
medium
Permission: network access detected
low
Permission: filesystem access detected
high
Permission: shell access detected
low
Permission: env_vars access detected
medium
Vulnerable dependency: @modelcontextprotocol/sdk@1.25.3 (GHSA-345p-7cg4-v4c7)
medium
Vulnerable dependency: uuid@11.1.0 (GHSA-w5hq-g745-h8pq)
medium
Vulnerable dependency: ws@8.20.0 (GHSA-58qx-3vcg-4xpx)
medium
Vulnerable dependency: yaml@2.3.4 (GHSA-48c2-rrv3-qjmp)
medium
Vulnerable dependency: @modelcontextprotocol/sdk@1.25.1 (GHSA-345p-7cg4-v4c7)
medium
Vulnerable dependency: @modelcontextprotocol/sdk@1.25.1 (GHSA-8r9q-7v3j-jr4g)
info
SLSA Build Level 3 detected
info
Could not connect to MCP server for output poisoning scan
info
Could not connect to MCP server for behavioral verification
info
SBOM generated: 35 components
info
MITRE ATLAS technique coverage summary
info
ATLAS: Adversarial ML Supply Chain (AML.T0043)
info
ATLAS: Poison Training Data (AML.T0020)
info
package.json metadata
info
Tool: increment
info
Tool: get_session_data
info
Tool: ping
info
Tool: get_server_info
info
Tool: get_config
info
Transport: streamable-http
info
Required env vars (12)
low
Tool 'increment' has no annotations
low
Tool 'get_session_data' has no annotations
low
Tool 'ping' has no annotations
low
Tool 'get_server_info' has no annotations
low
Tool 'get_config' has no annotations
medium
OAuth implementation without PKCE
medium
Permission: network access detected
low
Permission: filesystem access detected
high
Permission: shell access detected
low
Permission: env_vars access detected
medium
Vulnerable dependency: @modelcontextprotocol/sdk@1.25.3 (GHSA-345p-7cg4-v4c7)
medium
Vulnerable dependency: uuid@11.1.0 (GHSA-w5hq-g745-h8pq)
medium
Vulnerable dependency: ws@8.20.0 (GHSA-58qx-3vcg-4xpx)
medium
Vulnerable dependency: yaml@2.3.4 (GHSA-48c2-rrv3-qjmp)
medium
Vulnerable dependency: @modelcontextprotocol/sdk@1.25.1 (GHSA-345p-7cg4-v4c7)
medium
Vulnerable dependency: @modelcontextprotocol/sdk@1.25.1 (GHSA-8r9q-7v3j-jr4g)
info
SLSA Build Level 3 detected
info
Could not connect to MCP server for output poisoning scan
info
Could not connect to MCP server for behavioral verification
info
SBOM generated: 35 components
info
MITRE ATLAS technique coverage summary
info
ATLAS: Adversarial ML Supply Chain (AML.T0043)
info
ATLAS: Poison Training Data (AML.T0020)