We ran a security scan on @sparkleideas/agentic-flow@2.0.2-alpha-patch.30 as part of our MCP ecosystem monitoring.
Score: 60/100
Risk: ELEVATED
Findings
- [MEDIUM] excessive dependencies: Package has 36 runtime dependencies (high attack surface)
- [HIGH] command injection: Potential command injection: shell execution with template literal input
What this checks
Install scripts, prompt injection patterns in metadata, suspicious URLs, source code patterns (command injection, unsafe eval, hardcoded secrets), dependency count, metadata completeness, and publisher provenance.
How to verify
You can scan this package yourself at https://agentscores.xyz/scan or via the API:
curl "https://agentscores.xyz/api/scan?npm=%40sparkleideas%2Fagentic-flow"
This is an automated scan. If any finding is incorrect, we'd appreciate knowing so we can improve detection accuracy.
Full written reviews with hardening recommendations: https://agentscores.xyz/security-review
Scanned by AgentScore MCP security monitoring.