openchrome-mcp updated from 1.10.0 to 1.10.1. Score changed 95/100 to 75/100 (-20). Risk: LOW to MODERATE. 2 findings.
Package
-
Name:
openchrome-mcp - Version: 1.10.0 to 1.10.1
- Score: 95/100 to 75/100
- Risk: LOW to MODERATE
Findings
- [HIGH] command_injection: Potential command injection: shell execution with template literal input
- [LOW] no_provenance: Package is not published with provenance attestations or trusted publishing. Published by: shaun0927
Full advisory: AGENTSCORE-2026-0009
Verdict API: curl https://agentscores.xyz/api/verdict?npm=openchrome-mcp
Auto-published by AgentScore MCP security monitoring.
Top comments (0)