agentscope icon indicating copy to clipboard operation
agentscope copied to clipboard
verified publisher icon modelscope

Add MseeP.ai badge

Open lwsinclair opened this issue 9 months ago • 0 comments

Hi there,

This pull request shares a security update on agentscope.

We also have an entry for agentscope in our directory, MseeP.ai, where we provide regular security and trust updates on your app.

We invite you to add our badge for your MCP server to your README to help your users learn from a third party that provides ongoing validation of agentscope.

You can easily take control over your listing for free: visit it at https://mseep.ai/app/modelscope-agentscope.

Yours Sincerely,

Lawrence W. Sinclair CEO/SkyDeck AI Founder of MseeP.ai MCP servers you can trust

MseeP.ai Security Assessment Badge

Here are our latest evaluation results of agentscope

Security Scan Results

Security Score: 64/100

Risk Level: high

Scan Date: 2025-05-08

Score starts at 100, deducts points for security issues, and adds points for security best practices

Security Findings

Medium Severity Issues

  • semgrep: Use of os.system() with dynamic input detected. This can lead to command injection.

    • Location: applications/multisource_rag_app/src/utils/prepare_data_utils.py
    • Line: 28

  • semgrep: Use of os.system() with dynamic input detected. This can lead to command injection.

    • Location: applications/multisource_rag_app/src/utils/prepare_data_utils.py
    • Line: 34

  • ... and 6 more medium severity issues

Low Severity Issues

  • semgrep: Use of base64 decoding detected. This might indicate obfuscated code.

This security assessment was conducted by MseeP.ai, an independent security validation service for MCP servers. Visit our website to learn more about our security reviews.

lwsinclair avatar May 14 '25 07:05 lwsinclair