MCP SDK
npm@modelcontextprotocol/sdkThe Model Context Protocol SDK is the official JavaScript implementation of MCP, the open protocol for connecting AI models to tools and data sources. It is used to build MCP servers (tool providers) and MCP clients (agent-side connectors). MCP servers often grant LLM agents access to filesystems, databases, APIs, and shell commands.
Checking MCP SDK
@modelcontextprotocol/sdk 1.0.0 is a clean version with no known supply chain compromise. The response returns compromised: false with an empty sources array.
curl "https://api.attestd.io/v1/check?product=%40modelcontextprotocol%2Fsdk&version=1.0.0" \
-H "Authorization: Bearer YOUR_API_KEY"{
"product": "@modelcontextprotocol/sdk",
"version": "1.0.0",
"supported": true,
"risk_state": "none",
"supply_chain": {
"compromised": false,
"sources": [],
"malware_type": null,
"description": null,
"advisory_url": null,
"compromised_at": null,
"removed_at": null
},
"last_updated": "2026-05-01T00:00:00Z"
}Why this package is monitored
MCP server packages define the tool interface that agents use to execute actions. A compromised MCP SDK can intercept tool definitions and results, inject malicious tool responses, or exfiltrate the full list of capabilities exposed to the agent before any tool call is issued.
Attestd monitors @modelcontextprotocol/sdk using the following detection sources:
registryManually curated advisories in the Attestd registry, verified by a human analyst. Confidence 1.0.
osvOSV.dev malicious-package advisories with IDs prefixed MAL-. Confidence 0.95.
npm_deprecationnpm package versions with deprecation messages containing targeted attack language such as malicious, backdoor, or compromised. Confidence 0.80.