MCPVet
← Scan another
Low
npm · 4 files analyzed

@modelcontextprotocol/server-sequential-thinking

Minor capabilities, nothing alarming.

View source ↗
Environment variables (config / keys) 1

AI review

This is an official Anthropic MCP server for sequential thinking with no hidden instructions, data exfiltration, or deceptive tool descriptions. The only environment variable usage is for disabling thought logging, which is a legitimate configuration option documented in the README.

Model: deepseek-chat

Static findings

Environment variables (config / keys) · Reads environment variables (config / API keys)

low dist/lib.js:7 this.disableThoughtLogging = (process.env.DISABLE_THOUGHT_LOGGING || "").toLowerCase() === "true";

Scanning every extension your team installs?

Pro & Team add monitoring, private scans, and a CI gate for unsafe extensions.

MCPVet is a heuristic aid, not a security guarantee. A clean grade does not prove an extension is safe; always review code and instructions you don't trust.