Nitrostack

nitrocloudofficial/nitrostackApache-2.024🔧 45 tools

F1.9SpiderScore (registry)
Use cases:auth-identitydb-queryapi-integration
⚠ Hard constraint applied: critical vulnerability
Decision
Not Recommended
Confidence
90%

Nitrostack is not recommended — low score (1.85/10) with 7 critical issues.

Recommended Actions

  • high
    Run In Container
    7 critical vulnerabilities require isolation
  • high
    Limit Permissions
    Restrict tool access to minimum required scope

Do Not

  • running in production without container isolation
  • exposing this tool to untrusted input
  • using for security-sensitive tasks
Risk Flags (9)
  • critical
    child_process_injection×5
    Command injection — execSync() with non-literal command
  • critical
    ts_unsafe_eval
    Dynamic code execution via eval() with non-literal argument
  • critical
    ts_async_injection
    Async process spawn with user-controlled command -- injection risk
  • high
    token_leakage
    Secret or token may be leaked through error messages, logs, or return values
  • high
    prototype_pollution
    Potential prototype pollution -- user-controlled keys may modify Object.prototype
  • high
    ts_path_traversal×3
    Potential path traversal -- user input used in file system operations
  • high
    ts_token_leakage
    Secret or token may be leaked through error messages, logs, or return values
  • medium
    ts_input_reflection×2
    User input reflected directly in tool output -- may enable prompt injection via reflection
  • medium
    input_reflection
    User input reflected directly in tool output -- may enable prompt injection via reflection
How This Was Decided
  • negativew=0.5Overall quality score = 1.85/10 (grade F)
  • negativew=0.87 critical security issue(s) detected
  • negativew=0.57 high-severity issue(s) detected
  • negativew=0.3Tool description clarity score = 1.7/10
Source: SpiderRating automated security scanUpdated: 2026-03-22Protocol: v1.1

Description Quality

Composite: 1.7 / 10

3-Layer Breakdown

Description (38%)
1.7
Security (34%)
5.9
Metadata (28%)
6.1

Description Dimensions

Intent Clarity
1.3
Permission Scope
0.2
Side Effects
2.0
Capability Disclosure
3.4
Operational Boundaries
1.7

Security Analysis

5.9
Score
7
Critical
7
High
3
Medium
0
Low

Findings Redacted

Detailed security findings are hidden during the 90-day responsible disclosure window. Maintainers have been notified.

7 CRITICAL7 HIGH3 MEDIUM

Metadata Health

Provenance (40%)
8.0
Maintenance (35%)
5.0
Popularity (25%)
4.6

Badge

Add this badge to your README:

[![SpiderRating](https://spiderrating.com/badge/nitrocloudofficial__nitrostack.svg)](https://spiderrating.com/servers/nitrocloudofficial/nitrostack)
🛡️

Protect Your Agents

Get a free API key. Every MCP tool call checked against 15,923 rated servers in real-time.

Get Free API Key →
📊

Monitor All Your Servers

Dashboard for your entire MCP portfolio. Score tracking, alerts, and compliance reports.

Start Free Trial →

Scan Locally (Open Source)

Run SpiderShield on your own machine. 46+ security rules, zero data leaves your system.

Star on GitHub →

Similar Servers

Kafka Mcp ServerCefBoud/kafka-mcp-server
3.8D
Ldap Mcptrxo/ldap-mcp
3.8D
Mcp Google Spreadsheetkazz187/mcp-google-spreadsheet
3.8D
Zenmoney Mcpsakost/zenmoney-mcp
3.8D
Crmharperreed/crm
3.7D