Mcp Context Forge

IBM/mcp-context-forge | Apache-2.0 | ⭐ 3,456 | 🔧 78 tools

Grade F | 2.0 | SpiderScore (registry)
⚠ Hard constraint applied: critical vulnerability
Decision: Not Recommended
Confidence: 90%

Mcp Context Forge is not recommended -- low score (2.0/10) with 24 critical issues.

Recommended Actions

  • high
    Run In Container
    24 critical vulnerabilities require isolation
  • high
    Limit Permissions
    Restrict tool access to minimum required scope

Do Not

  • ✗ running in production without container isolation
  • ✗ exposing this tool to untrusted input
  • ✗ using for security-sensitive tasks
Risk Flags (7)
  • critical
    sql_injection ×3
    SQL injection -- .execute() called with f-string (user input may reach query)
  • critical
    command_injection
    Command injection risk -- subprocess called with shell=True and non-literal command
  • high
    path_traversal ×3
    Tainted path traversal -- user-controlled path flows to file operation without validation
  • high
    token_leakage ×9
    Secret or token may be leaked through error messages, logs, or return values
  • medium
    ssrf ×2
    Potential SSRF -- unrestricted network requests with user-controlled URLs
  • medium
    timing_attack_comparison
    Secret compared with == operator -- timing side-channel may leak value length
  • medium
    input_reflection
    User input reflected directly in tool output -- may enable prompt injection via reflection
How This Was Decided
  • negative (w=0.5): Overall quality score = 2.0/10 (grade F)
  • negative (w=0.8): 24 critical security issue(s) detected
  • negative (w=0.5): 494 high-severity issue(s) detected
  • negative (w=0.3): Tool description clarity score = 2.0/10
Source: SpiderRating automated security scan | Updated: 2026-03-21 | Protocol: v1.1

Description Quality

Composite: 2.0 / 10

3-Layer Breakdown

Description (38%): 2.0
Security (34%): 7.6
Metadata (28%): 9.4

Description Dimensions

Intent Clarity: 3.1
Permission Scope: 0.0
Side Effects: 2.0
Capability Disclosure: 3.0
Operational Boundaries: 2.3

Security Analysis

Score: 7.6
Critical: 24
High: 494
Medium: 18
Low: 39

Findings Redacted

Detailed security findings are hidden during the 90-day responsible disclosure window. Maintainers have been notified.

488 HIGH, 24 CRITICAL, 18 MEDIUM

Metadata Health

Provenance (40%): 10.0
Maintenance (35%): 9.0
Popularity (25%): 9.2
