Code Index Mcp

ViperJuice/Code-Index-MCPMITโญ 47๐Ÿ”ง 5 tools

F1.8SpiderScore (registry)
โš  Hard constraint applied: critical vulnerability
Decision
Not Recommended
Confidence
90%

Code Index Mcp is not recommended โ€” low score (1.82/10) with 16 critical issues.

Recommended Actions

  • high
    Run In Container
    16 critical vulnerabilities require isolation
  • high
    Limit Permissions
    Restrict tool access to minimum required scope

Do Not

  • โœ—running in production without container isolation
  • โœ—exposing this tool to untrusted input
  • โœ—using for security-sensitive tasks
Risk Flags (3)
  • critical
    command_injection
    Command injection risk รขโ‚ฌโ€ os.system() called with non-literal argument
  • critical
    sql_injectionร—14
    SQL injection รขโ‚ฌโ€ .execute() called with f-string (user input may reach query)
  • high
    token_leakageร—5
    Secret or token may be leaked through error messages, logs, or return values
How This Was Decided
  • negativew=0.5Overall quality score = 1.82/10 (grade F)
  • negativew=0.816 critical security issue(s) detected
  • negativew=0.549 high-severity issue(s) detected
  • negativew=0.3Tool description clarity score = 1.6/10
Source: SpiderRating automated security scanUpdated: 2026-03-21Protocol: v1.1

Description Quality

Composite: 1.6 / 10

3-Layer Breakdown

Description (38%)
1.6
Security (34%)
4.2
Metadata (28%)
7.8

Description Dimensions

Intent Clarity
1.6
Permission Scope
0.0
Side Effects
2.0
Capability Disclosure
2.9
Operational Boundaries
1.8

Security Analysis

4.2
Score
16
Critical
49
High
0
Medium
0
Low

Findings Redacted

Detailed security findings are hidden during the 90-day responsible disclosure window. Maintainers have been notified.

16 CRITICAL49 HIGH

Metadata Health

Provenance (40%)
9.0
Maintenance (35%)
8.0
Popularity (25%)
5.4

Badge

Add this badge to your README:

[![SpiderRating](https://spiderrating.com/badge/ViperJuice__Code-Index-MCP.svg)](https://spiderrating.com/servers/ViperJuice/Code-Index-MCP)
๐Ÿ›ก๏ธ

Protect Your Agents

Get a free API key. Every MCP tool call checked against 15,923 rated servers in real-time.

Get Free API Key โ†’
๐Ÿ“Š

Monitor All Your Servers

Dashboard for your entire MCP portfolio. Score tracking, alerts, and compliance reports.

Start Free Trial โ†’
โญ

Scan Locally (Open Source)

Run SpiderShield on your own machine. 46+ security rules, zero data leaves your system.

Star on GitHub โ†’

Similar Servers

Aicode ToolkitAgiFlow/aicode-toolkit
1.8F
Locallama McpHeratiki/locallama-mcp
1.8F
CodingbuddyJeremyDev87/codingbuddy
1.8F
Junos Mcp ServerJuniper/junos-mcp-server
1.8F
RagwithmilvustestNanGePlus/RagWithMilvusTest
1.8F