kyegomez
Add MseeP.ai badge
Hi there,
This pull request shares a security update on swarms.
We also have an entry for swarms in our directory, MseeP.ai, where we provide regular security and trust updates on your app.
We invite you to add our badge for your MCP server to your README to help your users learn from a third party that provides ongoing validation of swarms.
You can easily take control over your listing for free: visit it at https://mseep.ai/app/kyegomez-swarms.
Yours Sincerely,
Lawrence W. Sinclair CEO/SkyDeck AI Founder of MseeP.ai MCP servers you can trust
Here are our latest evaluation results of swarms
Security Scan Results
Security Score: 60/100
Risk Level: high
Scan Date: 2025-07-30
Score starts at 100, deducts points for security issues, and adds points for security best practices
Security Findings
Medium Severity Issues
-
semgrep: Use of yaml.load() detected. This can lead to remote code execution. Use yaml.safe_load() instead.
- Location: swarms/structs/base_swarm.py
- Line: 672
-
semgrep: Avoiding SQL string concatenation: untrusted input concatenated with raw SQL query can result in SQL Injection. In order to execute raw query safely, prepared statement should be used. SQLAlchemy provides TextualSQL to easily used prepared statement with named parameters. For complex SQL composition, use SQL Expression Language or Schema Definition Language. In most cases, SQLAlchemy ORM will be a better option.
- Location: swarms/communication/duckdb_wrap.py
- Line: 182
-
... and 61 more medium severity issues
Low Severity Issues
- semgrep: Use of base64 decoding detected. This might indicate obfuscated code.
- ... and 1 more low severity issues
This security assessment was conducted by MseeP.ai, an independent security validation service for MCP servers. Visit our website to learn more about our security reviews.
📚 Documentation preview 📚: https://swarms--996.org.readthedocs.build/en/996/
