Is "@opentabs-dev/create-plugin" on MCP Registry Safe to Install?

opentabs-dev-admin · mcp · v0.0.83

Scaffold a new OpenTabs plugin — create MCP tools that interact with web apps through the browser

Risk Assessment

Analyzed
19.55
out of 100
MINIMAL

6 security findings detected across all analyzers

MCP server analyzed for tool poisoning, prompt injection, and data exfiltration

Severity Breakdown

0
Critical
0
High
5
Medium
0
Low
0
Info

Finding Categories

5
IoC Indicators

MCP Server Analysis

MCP servers expose tools and resources to AI assistants. Unlike browser extensions, they run as standalone processes with direct system access. Tool definitions are analyzed for prompt injection, data exfiltration, and tool poisoning patterns.

About This Extension

Scaffold a new OpenTabs plugin — create MCP tools that interact with web apps through the browser

Detailed Findings

1 total

Indicators of Compromise

Network indicators, suspicious strings, and potential IoCs extracted during analysis

Domains
5
Strings
5

All Indicators · 5

Domain
detected Domain: index.d.ts.map

XIOC detected Domain: index.d.ts.map

extracted_from_files

Domain
detected Domain: slack.com

XIOC detected Domain: slack.com

extracted_from_files

Domain
detected Domain: github.com

XIOC detected Domain: github.com

extracted_from_files

Domain
detected Domain: pc.red

XIOC detected Domain: pc.red

extracted_from_files

Domain
detected Domain: index.js.map

XIOC detected Domain: index.js.map

extracted_from_files

Security Analysis Summary

Security Analysis Overview

@opentabs-dev/create-plugin is a mcp extension published by opentabs-dev-admin. Version 0.0.83 has been analyzed by the Risky Plugins security platform, receiving a risk score of 19.55/100 (MINIMAL risk) based on 6 security findings.

Risk Assessment

This extension presents minimal security concerns. The automated analysis found very few or no issues, suggesting it is suitable for general use.

Findings Breakdown

  • Medium: 5 finding(s)

What Was Analyzed

The security assessment covers multiple analysis categories:

  • Malware Detection: YARA rule matching against 2,400+ malware signatures
  • Secret Detection: Scanning for exposed API keys, tokens, and credentials
  • Static Analysis: Code-level security analysis for common vulnerability patterns
  • Network Analysis: Detection of suspicious network communications and endpoints
  • Obfuscation Detection: Identification of code obfuscation techniques

Developer Information

@opentabs-dev/create-plugin is published by opentabs-dev-admin on the mcp marketplace.

Recommendation

Based on the automated security analysis, this extension appears safe for general use. As with any extension, users should review the requested permissions before installation.

Frequently Asked Questions

Similar Extensions

Related extensions from the same publisher or marketplace

@opentabs-dev/mcp-server

opentabs-dev-admin

CRITICAL

@opentabs-dev/opentabs-plugin-microsoft-word

opentabs-dev-admin

CRITICAL

@opentabs-dev/opentabs-plugin-powerpoint

opentabs-dev-admin

CRITICAL

@opentabs-dev/opentabs-plugin-slack-enterprise

opentabs-dev-admin

CRITICAL

@opentabs-dev/opentabs-plugin-sqlpad

opentabs-dev-admin

CRITICAL

@opentabs-dev/opentabs-plugin-teams

opentabs-dev-admin

CRITICAL