mcp-registry
Fail
Audited by Snyk on Jun 22, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 0.80). The prompt embeds examples that place API tokens and DB credentials directly in config files (e.g., "GITHUB_PERSONAL_ACCESS_TOKEN": "ghp_xxxxx" and "postgresql://user:pass@..."), and describes adding/editing ~/.mcp.json which means an agent could be expected to read, create, or output those secret values verbatim—an exfiltration risk.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill invokes and runs remote npm packages at runtime via npx (e.g., "npx -y @modelcontextprotocol/server-github" — https://www.npmjs.com/package/@modelcontextprotocol/server-github and "npx -y @modelcontextprotocol/server-postgres" — https://www.npmjs.com/package/@modelcontextprotocol/server-postgres), which fetches and executes external code that provides tools/resources that directly affect agent behavior.
Issues (2)
W007
HIGH: Insecure credential handling detected in skill instructions.
W012
MEDIUM: Unverifiable external dependency detected (runtime URL that controls agent).