tree-sitter
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): Requires the installation of mcp-server-tree-sitter, a package from an unverified source, posing a supply chain risk.
- DATA_EXFILTRATION (LOW): Documentation exposes a hardcoded local path (/Users/alice/mcp-server-tree-sitter), revealing user environment metadata like host username.
- PROMPT_INJECTION (MEDIUM): Vulnerable to indirect prompt injection via untrusted code analysis.
- Ingestion points: get_file and analyze_project tools read raw code from the project directory.
- Boundary markers: Absent; there are no specified delimiters to separate code content from instructions.
- Capability inventory: File system read access and AST parsing which feed into agent reasoning.
- Sanitization: No evidence of sanitization for code comments or string literals that might contain malicious instructions.
Audit Metadata