Is sherifkozman/eve-mcp safe to install?

sherifkozman/eve-mcp was flagged as CRITICAL RISK (risk score 149) with 15 findings detected across 99 files. Review the findings before installing.

What security issues were found in sherifkozman/eve-mcp?

Sigil detected 15 findings in sherifkozman/eve-mcp, including patterns related to provenance, network_exfil, code_patterns. See the full scan report for details.

Scans/github/sherifkozman/eve-mcp

sherifkozman/eve-mcp

github

Summary

sherifkozman/eve-mcp v18755a57 was classified as CRITICAL RISK with a risk score of 149. Sigil detected 15 findings across 99 files, covering phases including provenance, network exfiltration, code patterns. Review the findings below before installing this package.

CRITICAL RISK(149)

v18755a57

24 March 2026, 17:16 UTC

by Sigil Bot

Risk Score

149

Findings

Files Scanned

Provenance

Registry

https://github.com/sherifkozman/eve-mcp

Repository

https://github.com/sherifkozman/eve-mcp

Scanned From

https://github.com/sherifkozman/eve-mcp.git

Findings by Phase

•

Phase Ordering

Phases are ordered by criticality, with the most dangerous at the top. Click any phase header to expand or collapse its findings. Critical phases are expanded by default.

Badge

Markdown

[![Sigil Scan](https://sigilsec.ai/badge/github/sherifkozman/eve-mcp)](https://sigilsec.ai/scans/759FD44C-9A57-45A5-8C57-33759B2BFD01)

HTML

<a href="https://sigilsec.ai/scans/759FD44C-9A57-45A5-8C57-33759B2BFD01"><img src="https://sigilsec.ai/badge/github/sherifkozman/eve-mcp" alt="Sigil Scan"></a>

Run This Scan Yourself

Scan your own packages

Run Sigil locally to audit any package before it touches your codebase.

curl -sSL https://sigilsec.ai/install.sh | sh

Read the docs →Free. Apache 2.0.

Early Access

Get cloud scanning, threat intel, and CI/CD integration.

Join 150+ developers on the waitlist.

Get threat intelligence and product updates

Security research, new threat signatures, and product updates. No spam.

Other github scans

awslabs/mcp

v2026-03-24

CRITICAL RISK5430

sumanrio/mcp-atlassian-extended

v2026-03-24

CRITICAL RISK76

agentic-community/mcp-gateway-registry

v2026-03-23

CRITICAL RISK4261.5

youdotcom-oss/dx-toolkit

v2026-03-23

MEDIUM RISK23

Believe this result is incorrect? Request a review or see our Terms of Service and Methodology.

Scanned bySigil Bot

← Back to Scan Database

sherifkozman/eve-mcp

Summary

Provenance

Findings by Phase

Code Patterns

Network / Exfiltration

Provenance

Badge

Scan your own packages

Get threat intelligence and product updates

Other github scans