METHODOLOGY
How MCP-INDEX discovers, classifies, and analyzes MCP servers for security vulnerabilities.
Disclaimer: All findings on MCP-INDEX are automated analysis results. They indicate potential vulnerabilities that require manual verification. False positives are possible.
REPOSITORY DISCOVERY
MCP-INDEX searches GitHub using five keyword queries:
- modelcontextprotocol
- mcp server
- @modelcontextprotocol/sdk
- mcpServers
- claude_desktop_config
MCP SERVER CLASSIFICATION
Each repo is classified using dynamic file discovery (GitHub tree API):
- mcp_server — Server SDK imports + tool registration
- mcp_client — Client patterns (McpClient)
- unknown — MCP keywords but no implementation
LLM ANALYSIS
Two-phase analysis using deepseek-v4-pro via CrofAI:
- Fetch repo tree via GitHub API, rank by entry point score
- Follow imports up to 2 levels deep (max 8 files / 200KB)
- Phase 1: LLM determines purpose + threat model
- Phase 2: LLM audits with purpose-aware decision tree
RISK SCORING
Score calculated from LLM findings only:
Critical: +40, High: +25, Medium: +15, Low: +5, capped at 100
≥ 70 :: CRITICAL
≥ 40 :: HIGH
≥ 20 :: MEDIUM
< 20 :: LOW
LIMITATIONS
- Static analysis only — No runtime verification
- LLM accuracy — False positives possible
- GitHub-only — npm, PyPI not covered
- Rate limited — GitHub API may delay analysis