prism-mcp-server updated from 11.6.0 to 12.5.0. Score changed 85/100 to 65/100 (-20). Risk: LOW to ELEVATED. 3 findings.
Package
- Name: prism-mcp-server
- Version: 11.6.0 to 12.5.0
- Score: 85/100 to 65/100
- Risk: LOW to ELEVATED
Findings
- [MEDIUM] excessive_dependencies: Package has 23 runtime dependencies (high attack surface)
- [HIGH] command_injection: Potential command injection: shell execution with template literal input
- [LOW] no_provenance: Package is not published with provenance attestations or trusted publishing. Published by: dmitricostenco
Full advisory: AGENTSCORE-2026-0017
Verdict API: curl "https://agentscores.xyz/api/verdict?npm=prism-mcp-server"
Auto-published by AgentScore MCP security monitoring.