aidex-mcp updated from 1.17.1 to 1.18.0. Score changed 70/100 to 60/100 (-10). Risk: MODERATE to ELEVATED. 4 findings.
Package
-
Name:
aidex-mcp - Version: 1.17.1 to 1.18.0
- Score: 70/100 to 60/100
- Risk: MODERATE to ELEVATED
Findings
- [LOW] install_script: Package has 'postinstall' script: node scripts/postinstall.mjs
- [MEDIUM] excessive_dependencies: Package has 21 runtime dependencies (high attack surface)
- [HIGH] command_injection: Potential command injection: shell execution with template literal input
- [LOW] no_provenance: Package is not published with provenance attestations or trusted publishing. Published by: uchalas
Full advisory: AGENTSCORE-2026-0014
Verdict API: curl https://agentscores.xyz/api/verdict?npm=aidex-mcp
Auto-published by AgentScore MCP security monitoring.
Top comments (0)