ICUICU
critical

ai.smithery/TakoData-tako-mcp

v1.16.0

Provide real-time data querying and visualization by integrating Tako with your agents. Generate o…

MCP RegistrysmitheryFirst seen Feb 24, 2026Source

5

Total

1

Critical

0

High

4

Medium

Findings

unknown
criticalDE-002Data ExfiltrationHigh ConfidenceLine 0

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    55: 
    56: # Environments
>>> 57: .env
    58: .venv
    59: env/
Report false positive
mediumEN-001unknownMedium ConfidenceLine 0

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

Report false positive
mediumNS-002Network SuspiciousMedium ConfidenceLine 0

Python urllib network request

Detected by automated pattern matching (rule NS-002) with medium confidence. May be a false positive.

    15:     restart: unless-stopped
    16:     healthcheck:
>>> 17:       test: ["CMD", "python", "-c", "import urllib.request; urllib.request.urlopen('http://localhost:8001/health')"]
    18:       interval: 30s
    19:       timeout: 10s
Report false positive
mediumNS-001Network SuspiciousMedium ConfidenceLine 0

Python requests library HTTP call

Detected by automated pattern matching (rule NS-001) with medium confidence. May be a false positive.

    142:     for kc in response.outputs.knowledge_cards:
    143:         if kc.data_url:
>>> 144:             response = requests.get(kc.data_url)
    145:             response.raise_for_status()  # Raise an exception for bad status codes
    146:             data = response.text
Report false positive
mediumEN-001unknownMedium ConfidenceLine 0

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

Report false positive

Scan History

DateRiskFindings
Feb 26, 2026critical5
Feb 24, 2026critical5