sift-mcp
enmito/sift-mcpMCP server that wraps Brave Search and augments each result with a transparent quality vector (tier, editorial standards, commercial intent, authoritative weight) for downstream agent reasoning
High risk — review carefully before installing
This package can run commands on your computer AND reads your secret tokens. That combination means it could potentially steal your credentials. Only install this if you trust the author and understand why it needs these permissions.
What We Found(5 issues)
Each card explains what was found and what it means in plain English. Click "Technical details" for the full breakdown.
Caution. This package runs system commands on your computer. This is like giving someone the keys to your terminal. They could run anything — download files, change settings, or access your private data.
Technical details
Direct process execution functions (exec, spawn) can run arbitrary commands. Combined with user input, this enables remote code execution.
spawnSync(Caution. This package reads your secret passwords and API tokens from your system. If it also has network access, your credentials could be sent to someone else's server. Check WHY it needs your secrets.
Technical details
Reading sensitive environment variables (tokens, secrets, keys, passwords) suggests data exfiltration. MCP servers should declare required env vars, not silently read secrets.
process.env.BRAVE_API_KEYCaution. This package reads your secret passwords and API tokens from your system. If it also has network access, your credentials could be sent to someone else's server. Check WHY it needs your secrets.
Technical details
Reading sensitive environment variables (tokens, secrets, keys, passwords) suggests data exfiltration. MCP servers should declare required env vars, not silently read secrets.
process.env.LLM_API_KEYCaution. This package reads your secret passwords and API tokens from your system. If it also has network access, your credentials could be sent to someone else's server. Check WHY it needs your secrets.
Technical details
Reading sensitive environment variables (tokens, secrets, keys, passwords) suggests data exfiltration. MCP servers should declare required env vars, not silently read secrets.
process.env.GOOGLE_SAFE_BROWSING_KEYRisky. This package doesn't lock its dependency versions. That means if one of its dependencies gets hacked tomorrow, you'd automatically download the hacked version. Good packages always pin their versions.
Technical details
Using '*' or 'latest' as a dependency version means any future version will be installed automatically — including compromised ones.
"latest"Finding Summary
0
Critical
4
High
1
Medium
0
Low
0
Info