Skip to content

DEV Community

Michael Kayode Onyekwere

Posted on Apr 25

AGENTSCORE-2026-0015: `sverklo` risk change detected

#security #supplychain #mcp #npm

sverklo updated from 0.12.5 to 0.16.0. Score changed 80/100 to 60/100 (-20). Risk: MODERATE to ELEVATED. 2 findings.

Package

Name: sverklo
Version: 0.12.5 to 0.16.0
Score: 80/100 to 60/100
Risk: MODERATE to ELEVATED

Findings

[HIGH] command_injection: Potential command injection: shell execution with template literal input
[HIGH] unsafe_eval: Uses eval() with dynamic input

Full advisory: AGENTSCORE-2026-0015

Verdict API: curl https://agentscores.xyz/api/verdict?npm=sverklo

Auto-published by AgentScore MCP security monitoring.

Top comments (0)

Subscribe