Low
Outbound network: 1
Environment variables (config / keys): 5
Shell / command execution: 1
Sensitive credential files: 1
AI review
No malicious or deceptive content found. The extension is a legitimate Grafana MCP server with standard development patterns, and the static findings are either benign test artifacts or expected operational code.
- low Test file references /etc/passwd — k8s_client_test.go:319 uses '../../etc/passwd' as a test input for a Kubernetes client call. This is a common testing pattern to verify path traversal protections and does not exfiltrate data in production.
- low Environment variable access in tests and install script — Multiple test files and .claude-plugin/install-binary.mjs read environment variables (e.g., GRAFANA_URL, MCP_TRANSPORT, CLAUDE_PLUGIN_ROOT). This is expected for configuration and does not indicate credential exfiltration.
- low Command execution in install script — .claude-plugin/install-binary.mjs uses spawn from child_process and fetch to download a binary. This is standard for plugin installation and not a hidden instruction.
Model: deepseek-chat
Static findings
Shell / command execution · Executes shell / system commands
- medium · .claude-plugin/install-binary.mjs:3 · import { spawn } from 'node:child_process';
Outbound network · Makes outbound network requests
- low · .claude-plugin/install-binary.mjs:83 · const response = await fetch(url);
Environment variables (config / keys) · Reads environment variables (config / API keys)
- low · .claude-plugin/install-binary.mjs:11 · const PLUGIN_ROOT = process.env.CLAUDE_PLUGIN_ROOT;
- info · tests/admin_test.py:27 · grafana_url = os.environ.get("GRAFANA_URL", DEFAULT_GRAFANA_URL)
- info · tests/conftest.py:42 · return os.environ.get("MCP_TRANSPORT", DEFAULT_MCP_TRANSPORT)
- info · tests/disable_write_test.py:11 · env = {"GRAFANA_URL": os.environ.get("GRAFANA_URL", "http://localhost:3000")}
- info · tests/utils.py:41 · mcp_url = os.environ.get("MCP_GRAFANA_URL", "http://localhost:8000")
Sensitive credential files · Reads sensitive credential files
- info · k8s_client_test.go:319 · _, err := client.Get(context.Background(), testDashboardDesc, "default", "../../etc/passwd")
MCPVet is a heuristic aid, not a security guarantee. A clean grade does not prove an extension is safe; always review code and instructions you don't trust.