Summary
declare-ui/mcp v2026-03-19 passed all six phases of Sigil's automated security scan with no findings detected. The scan analyzed 3 files for install hooks, dangerous code patterns, network exfiltration, credential access, obfuscation, provenance, prompt injection, and skill security signals.
Package description: DeclareUI — MCP Server for AI agents (Claude, Cursor, etc.): create, modify, and validate components via natural language.
v2026-03-19
20 March 2026, 00:43 UTC
by Sigil Bot
Risk Score
0
Findings
0
Files Scanned
3
Provenance
Repository
https://github.com/declare-ui/mcpScanned From
https://github.com/declare-ui/mcp.gitNo findings detected. This package passed all 3 file scans with a verdict of LOW RISK.
Badge
Markdown
[](https://sigilsec.ai/scans/0CC9F60D-7976-4D2D-9EF6-BB55F05CD6A1)HTML
<a href="https://sigilsec.ai/scans/0CC9F60D-7976-4D2D-9EF6-BB55F05CD6A1"><img src="https://sigilsec.ai/badge/github/declare-ui/mcp" alt="Sigil Scan"></a>Run This Scan Yourself
Scan your own packages
Run Sigil locally to audit any package before it touches your codebase.
Early Access
Get cloud scanning, threat intel, and CI/CD integration.
Join 150+ developers on the waitlist.
Get threat intelligence and product updates
Security research, new threat signatures, and product updates. No spam.
Other github scans
Believe this result is incorrect? Request a review or see our Terms of Service and Methodology.