MCPVet
← Scan another
Low
npm · 4 files analyzed

@modelcontextprotocol/server-sequential-thinking

Minor capabilities, nothing alarming.

View source ↗
Environment variables (config / keys) 1

AI review

This is an official Anthropic MCP server for sequential thinking with no hidden instructions, data exfiltration, or deceptive tool descriptions. The only environment variable access is a documented opt-in to disable thought logging, which is a legitimate configuration option.

Model: deepseek-chat

Static findings

Environment variables (config / keys) · Reads environment variables (config / API keys)

low dist/lib.js:7 this.disableThoughtLogging = (process.env.DISABLE_THOUGHT_LOGGING || "").toLowerCase() === "true";

Scanning every extension your team installs?

Pro & Team add monitoring, private scans, and a CI gate for unsafe extensions.

MCPVet is a heuristic aid, not a security guarantee. A clean grade does not prove an extension is safe; always review code and instructions you don't trust.