Threat Database
509 malicious packages detected across AI marketplaces
| Risk | Package | First Seen |
|---|---|---|
| critical | STUzhy/py_execute_mcp | 4d ago |
| critical | pinkpixel-dev/web-scout-mcp | 4d ago |
| critical | kkjdaniel/bgg-mcp | 4d ago |
| critical | clay-inc/clay-mcp | 4d ago |
| low | mcp-server-git | 4d ago |
| low | websockets | 4d ago |
| critical | httpx | 4d ago |
| low | msgspec | 4d ago |
| critical | pydantic | 4d ago |
| critical | pandera | 4d ago |
| critical | great-expectations | 4d ago |
| critical | dbt-core | 4d ago |
| critical | fastapi | 4d ago |
| critical | deepeval | 4d ago |
| critical | @sylphx/pdf-reader-mcp | 4d ago |
| critical | @maestro-ai/mcp-server | 4d ago |
| critical | @resourcexjs/mcp-server | 4d ago |
| low | @zapier/zapier-sdk-mcp | 4d ago |
| critical | mcp-searxng | 4d ago |
| critical | @vibescope/mcp-server | 4d ago |