mcp-tool-risk-review

Review MCP server tools and manifests before agents expose them to package workflows.

The signed bundle is stored on Gitlawb, pinned by digest and checked against transparency evidence before install. Use the evidence page for the exact source, release and witness proof for this package version.

0.1.0

feea10c8fd2c7a963e58dd372b19942982eb18c1515b3f1d9b104b0957bab456

No dependency metadata is published for this package version.

Level

verified

Score

100

Artifact digest

verified

Bundle signature

verified

Source provenance

verified

Transparency

verified

Quality

100/100 Excellent

Trust

verified/100

Quality

100/100

Permissions

quiet

Advisory

clear

nipmod inspect pkg:did:key:z6MkwYNoJqw78ZhMGWywJHkE8f7PqnR37BXA5Tagc22N6HuV/mcp-tool-risk-review@0.1.0 --json
nipmod install --plan pkg:did:key:z6MkwYNoJqw78ZhMGWywJHkE8f7PqnR37BXA5Tagc22N6HuV/mcp-tool-risk-review@0.1.0 --json

No active high or critical quarantine blocks this package version.

nipmod install mcp-tool-risk-review

Canonical

pkg:did:key:z6MkwYNoJqw78ZhMGWywJHkE8f7PqnR37BXA5Tagc22N6HuV/mcp-tool-risk-review@0.1.0

Digest

feea10c8fd2c7a963e58dd372b19942982eb18c1515b3f1d9b104b0957bab456

Source tag

v0.1.0

Source commit

49b058505bf74c24975805d29cfb071359d76d29

Root

3cc66da3292900a4ac482b2c301db5c6e0a00c2461847a29fec5275da7f631cf

Agents should inspect first, then install only when trust score, permissions, advisories and local policy match the workspace.