NNew Relic MCP ServerRun NRQL, NerdGraph, and REST v2 operations to query data, manage incidents, create synthetics, and annotate deployments — all from your MCP client. A full‑featured New Relic MCP server that goes far beyond basic NRQL. It exposes safe, typed tools for APM discovery, alert policy/incident workflows (including acknowledge), entity search and deep details, creating Synthetics Browser monitors, and New Relic REST v2 coverage for deployments and metrics with region awareness and auto‑pagination.
mcp-so:new-relic_@cloudbring
View sourceFirst Seen
Feb 18, 2026
Last Scanned
Feb 20, 2026
Findings
3
Score
67/100
Findings (3)
Instruction override combined with dangerous operations
A full‑featured New Relic MCP server that goes far beyond basic NRQL. It exposes safe, typed tools for APM discovery, alert policy/incident workflows (including acknowledge), entity search and deep ...Remove language that attempts to override safety guidelines or bypass system-level controls. This pattern is a strong indicator of a jailbreak attempt.
Likely FP if the matched text is in a security research document or educational content clearly marked as an example rather than an active payload.
Detects -y, --yes, or --auto-approve flags in MCP/skill install commands that bypass user confirmation
"-y"Remove the -y/--yes auto-confirm flag from MCP server launch arguments. This flag bypasses user confirmation prompts and allows unattended execution of potentially dangerous operations.
Likely FP if the matched text is an isolated flag (-y or --yes) in documentation describing command-line options, not in an actual MCP config.
Detects MCP server configs using npx to run packages without version pinning
"command": "npx"Pin the npx package in the MCP config to an exact version (e.g., @scope/server@1.2.3). Unpinned npx commands can silently fetch a compromised package version.
Likely FP if the MCP config is a local development setup example, though unpinned npx in production configs is a real supply chain risk.