MCPVet
Clean
Environment variables (config / keys) 2
Remote code execution 1
AI review
No prompt injection, hidden instructions, or data exfiltration mechanisms were found. The extension is a legitimate MCP server for Chroma vector database operations with standard environment variable usage for configuration.
- low Remote code execution in CI pipeline — The GitHub Actions workflow at .github/workflows/test.yml:24 uses curl to install uv from astral.sh. This is a standard CI pattern and does not affect the runtime behavior of the MCP server itself.
- low Environment variable access for configuration — The server reads CHROMA_CLIENT_TYPE from environment variables (server.py:40) and tests copy the environment (test_server.py:26). This is expected behavior for configuring the Chroma client type and does not exfiltrate data.
Model: deepseek-chat
Static findings
Remote code execution · Downloads and executes remote code
info
.github/workflows/test.yml:24
curl -LsSf https://astral.sh/uv/install.sh | sh
Environment variables (config / keys) · Reads environment variables (config / API keys)
low
src/chroma_mcp/server.py:40
default=os.getenv('CHROMA_CLIENT_TYPE', 'ephemeral'),
info
tests/test_server.py:26
original_environ = os.environ.copy()
Scanning every extension your team installs?
Pro & Team add monitoring, private scans, and a CI gate for unsafe extensions.
MCPVet is a heuristic aid, not a security guarantee. A clean grade does not prove an extension is safe; always review code and instructions you don't trust.