PIPELINELOADING...

METHODOLOGY

How MCP-INDEX discovers, classifies, and analyzes MCP servers for security vulnerabilities.

Disclaimer: All findings on MCP-INDEX are automated analysis results. They indicate potential vulnerabilities that require manual verification. False positives are possible.
01 · running
DISCOVER
GitHub search · 5 keyword queries
▓▒░░░░░░░░18%
02 · idle
CLASSIFY
Server / Client / Unknown
▓▓▓▓░░░░░░42%
03 · idle
FETCH
max 8 files, 2 depth · 200KB cap
▓▓▓▓▓▓▓░░░70%
04 · idle
ANALYZE
LLM audit · deepseek-v4-pro
▓▓▓░░░░░░░31%
05 · idle
SCORE
0–100 · 4 severity levels
▓▓▓▓▓▓▓▓▒░85%
> tail -f /var/log/mcp-index/sweep.log
> daily sweep statistics
schedule 22:00 UTC · dailyavg analysis 5.2s / repoavg cost $0.0017 / repotokens / repo ~14,200concurrency 16 workerslast full sweep 3h 47m agonext full sweep in 5h 14m
REPOSITORY DISCOVERY

MCP-INDEX searches GitHub using five keyword queries:

  • modelcontextprotocol
  • mcp server
  • @modelcontextprotocol/sdk
  • mcpServers
  • claude_desktop_config
MCP SERVER CLASSIFICATION

Each repo is classified using dynamic file discovery (GitHub tree API):

  • mcp_serverServer SDK imports + tool registration
  • mcp_clientClient patterns (McpClient)
  • unknownMCP keywords but no implementation
LLM ANALYSIS

Two-phase analysis using deepseek-v4-pro via CrofAI:

  1. Fetch repo tree via GitHub API, rank by entry point score
  2. Follow imports up to 2 levels deep (max 8 files / 200KB)
  3. Phase 1: LLM determines purpose + threat model
  4. Phase 2: LLM audits with purpose-aware decision tree
RISK SCORING

Score calculated from LLM findings only:

Critical: +40, High: +25, Medium: +15, Low: +5, capped at 100
≥ 70 :: CRITICAL
≥ 40 :: HIGH
≥ 20 :: MEDIUM
< 20 :: LOW
LIMITATIONS
  • Static analysis onlyNo runtime verification
  • LLM accuracyFalse positives possible
  • GitHub-onlynpm, PyPI not covered
  • Rate limitedGitHub API may delay analysis