First Seen
Feb 18, 2026
Last Scanned
Feb 20, 2026
Findings
4
Score
55/100
Findings (4)
Detects automatic registration of MCP servers into agent configuration
mcp
add
"https://serverPin the curl/wget download to a specific URL with version and verify the downloaded file's SHA-256 checksum before using it. Prefer package manager installs over raw downloads.
Likely FP if the download is from a well-known canonical source (e.g., official GitHub release) and the documentation includes checksum verification steps.
Detects automatic package or skill updates via cron or scheduled tasks without verification
npm update -gAvoid installing packages from private or unofficial registries specified in skill instructions. Verify the registry URL is legitimate and use scoped packages with registry configuration.
Likely FP if the private registry is a well-known enterprise registry (e.g., GitHub Packages, Artifactory) documented in the project setup.
Detects automatic registration of MCP servers into agent configuration
mcp
add
"https://server.smithery.ai/namespace/serverPin the curl/wget download to a specific URL with version and verify the downloaded file's SHA-256 checksum before using it. Prefer package manager installs over raw downloads.
Likely FP if the download is from a well-known canonical source (e.g., official GitHub release) and the documentation includes checksum verification steps.
Detects global installation of packages which affects the host system
npm
install
-g
@Replace npm install -g with a local install (npm install --save-dev) or use npx with a pinned version. Global installs modify the system and risk supply chain attacks.
Likely FP if the global install is for a well-known CLI tool (e.g., typescript, eslint) in setup documentation, though the supply chain risk remains real.