Csoai Governance Crosswalk MCP Server by MEOK AI Labs
This MCP server contains multiple critical security vulnerabilities including arbitrary code execution via unrestricted sys.path manipulation, unsafe remote code loading from external systems, dangerous subprocess patterns, and potential credential exfiltration. The code imports from hardcoded external paths (~/clawd/meok-labs-engine/shared) and attempts to load untrusted modules without validation. Authentication is optional and easily bypassable. These vulnerabilities create severe risks for any system running this server. Supply chain analysis found 3 known vulnerabilities in dependencies (0 critical, 3 high severity). Package verification found 1 issue.
4 files analyzed · 18 issues found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
This plugin requests these system permissions. Most are normal for its category.
Add this to your MCP configuration file:
{
"mcpServers": {
"io-github-csoai-org-csoai-governance-crosswalk-mcp": {
"args": [
"-y",
"csoai-governance-crosswalk-mcp"
],
"command": "npx"
}
}
}Be the first to review this server!
by Modelcontextprotocol · Developer Tools
Web content fetching and conversion for efficient LLM usage
by Modelcontextprotocol · Developer Tools
Read, search, and manipulate Git repositories programmatically
by Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.