Mcp Agent Langchainjs

Azure-Samples/mcp-agent-langchainjsMIT⭐ 173🔧 9 tools

D3.7SpiderScore (registry)

Decision

Allow with Risk

Confidence

90%

Mcp Agent Langchainjs has risks — usable with isolation (3.67/10, 0 critical, 2 high).

Recommended Actions

medium
Review Before Production
Moderate quality score — manual review recommended

Risk Flags (2)

high
ts_path_traversal×2
Potential path traversal -- user input used in file system operations
medium
ts_input_reflection
User input reflected directly in tool output -- may enable prompt injection via reflection

How This Was Decided

negativew=0.5Overall quality score = 3.67/10 (grade D)
negativew=0.52 high-severity issue(s) detected
negativew=0.3Tool description clarity score = 1.9/10

Source: SpiderRating automated security scanUpdated: 2026-03-21Protocol: v1.1

Description Quality

Composite: 1.9 / 10

3-Layer Breakdown

Description (38%)

1.9

Security (34%)

7.9

Metadata (28%)

8.4

Description Dimensions

Intent Clarity

3.6

Permission Scope

0.0

Side Effects

2.0

Capability Disclosure

2.4

Operational Boundaries

2.2

Security Analysis

7.9

Score

Critical

High

Medium

Low

Findings Redacted

Detailed security findings are hidden during the 90-day responsible disclosure window. Maintainers have been notified.

2 HIGH1 MEDIUM

Metadata Health

Provenance (40%)

10.0

Maintenance (35%)

7.0

Popularity (25%)

7.9

Badge

Add this badge to your README:

[![SpiderRating](https://spiderrating.com/badge/Azure-Samples__mcp-agent-langchainjs.svg)](https://spiderrating.com/servers/Azure-Samples/mcp-agent-langchainjs)

🛡️