Is tana-mcp-codemode safe to use?

tana-mcp-codemode has a security risk score of 100/100 (CRITICAL risk). Our security analysis detected 192 findings. Review the detailed security assessment below to understand the specific risks before installation.

What are the security risks of tana-mcp-codemode?

Based on our automated security analysis, tana-mcp-codemode presents critical risk level. The extension is analyzed for malware patterns, secret exposure, network communications, permissions, and supply chain vulnerabilities.

How is the security score calculated?

Risky Plugins calculates security scores using weighted categories: severity of findings (25 points max), malware detections (35 points), secret exposure (28 points), network communications (10 points), and obfuscation (10 points). Scores range from 0-100, with higher scores indicating greater risk.

What does CRITICAL, HIGH, MEDIUM, LOW, MINIMAL risk mean?

CRITICAL (80-100): Severe security issues like malware. HIGH (60-79): Significant vulnerabilities. MEDIUM (40-59): Moderate security concerns. LOW (20-39): Minor issues. MINIMAL (0-19): Very low risk. Always review findings before installing any extension.

Is "tana-mcp-codemode" on MCP Registry Safe to Install?

Name: tana-mcp-codemode
Availability: InStock
Author: fabiogaliano

fabiogaliano · mcp · v0.3.0

Codemode MCP server for Tana — AI writes TypeScript that executes against Tana Local API

Risk Assessment

Analyzed

100

out of 100

CRITICAL

192 security findings detected across all analyzers

MCP server analyzed for tool poisoning, prompt injection, and data exfiltration

Severity Breakdown

Critical

High

Medium

Low

Info

Finding Categories

Malware Signatures

Secrets

Network

IoC Indicators

YARA Rules Matched

8 rules(48 hits)

postinstall file download postinstall system command postinstall crypto operations postinstall network communication credential env files postinstall environment access postinstall file manipulation postinstall obfuscation

MCP Server Analysis

MCP servers expose tools and resources to AI assistants. Unlike browser extensions, they run as standalone processes with direct system access. Tool definitions are analyzed for prompt injection, data exfiltration, and tool poisoning patterns.

About This Extension

Codemode MCP server for Tana — AI writes TypeScript that executes against Tana Local API

Detailed Findings

127 total

YARA Rule Matches

8 rules

Indicators of Compromise

Network indicators, suspicious strings, and potential IoCs extracted during analysis

URLs

IP Addresses

Domains

Strings

All Indicators · 64

Domain

detected Domain: tana.workspace.id

XIOC detected Domain: tana.workspace.id

extracted_from_files

detected IP: 127.0.0.1

XIOC detected IP: 127.0.0.1

extracted_from_files

URL

detected URL: http://localhost:$

XIOC detected URL: http://localhost:$

extracted_from_files

URL

detected URL: https://tana.inc).

XIOC detected URL: https://tana.inc).

extracted_from_files

URL

detected URL: https://github.com/fabiogaliano/tana-mcp-codemode/releases)

XIOC detected URL: https://github.com/fabiogaliano/tana-mcp-codemode/releases)

extracted_from_files

URL

detected URL: https://github.com/fabiogaliano/tana-mcp-codemode

XIOC detected URL: https://github.com/fabiogaliano/tana-mcp-codemode

extracted_from_files

URL

detected URL: https://tana.inc)

XIOC detected URL: https://tana.inc)

extracted_from_files

URL

detected URL: http://127.0.0.1:8262

XIOC detected URL: http://127.0.0.1:8262

extracted_from_files

URL

detected URL: https://github.com/fabiogaliano/tana-mcp-codemode.git

XIOC detected URL: https://github.com/fabiogaliano/tana-mcp-codemode.git

extracted_from_files

Domain

detected Domain: byname.id

XIOC detected Domain: byname.id

extracted_from_files

Domain

detected Domain: workspaces.map

XIOC detected Domain: workspaces.map

extracted_from_files

Domain

detected Domain: readme.md

XIOC detected Domain: readme.md

extracted_from_files

Domain

detected Domain: health.ping

XIOC detected Domain: health.ping

extracted_from_files

Domain

detected Domain: db.run

XIOC detected Domain: db.run

extracted_from_files

URL

detected Domain: url.search

XIOC detected Domain: url.search

extracted_from_files

Domain

detected Domain: data.children.map

XIOC detected Domain: data.children.map

extracted_from_files

Domain

detected Domain: tana.nodes.open

XIOC detected Domain: tana.nodes.open

extracted_from_files

Domain

detected Domain: performance.now

XIOC detected Domain: performance.now

extracted_from_files

Domain

detected Domain: args.map

XIOC detected Domain: args.map

extracted_from_files

Domain

detected Domain: shadowedglobals.map

XIOC detected Domain: shadowedglobals.map

extracted_from_files

Domain

detected Domain: byid.name

XIOC detected Domain: byid.name

extracted_from_files

Domain

detected Domain: byid.id

XIOC detected Domain: byid.id

extracted_from_files

Domain

detected Domain: byname.name

XIOC detected Domain: byname.name

extracted_from_files

Domain

detected Domain: columns.map

XIOC detected Domain: columns.map

extracted_from_files

Domain

detected Domain: col.name

XIOC detected Domain: col.name

extracted_from_files

Domain

detected Domain: date.now

XIOC detected Domain: date.now

extracted_from_files

Domain

detected Domain: nodes.search

XIOC detected Domain: nodes.search

extracted_from_files

Domain

detected Domain: nodes.read

XIOC detected Domain: nodes.read

extracted_from_files

Domain

detected Domain: tana.nodes.read

XIOC detected Domain: tana.nodes.read

extracted_from_files

Domain

detected Domain: nodes.open

XIOC detected Domain: nodes.open

extracted_from_files

Domain

detected Domain: child.id

XIOC detected Domain: child.id

extracted_from_files

Domain

detected Domain: child.name

XIOC detected Domain: child.name

extracted_from_files

Domain

detected Domain: api-bugs.md

XIOC detected Domain: api-bugs.md

extracted_from_files

Domain

detected Domain: s.id

XIOC detected Domain: s.id

extracted_from_files

Domain

detected Domain: node.id

XIOC detected Domain: node.id

extracted_from_files

Domain

detected Domain: raw.creatednodes.map

XIOC detected Domain: raw.creatednodes.map

extracted_from_files

Domain

detected Domain: n.id

XIOC detected Domain: n.id

extracted_from_files

Domain

detected Domain: c.name

XIOC detected Domain: c.name

extracted_from_files

Domain

detected Domain: t.id

XIOC detected Domain: t.id

extracted_from_files

Domain

detected Domain: w.id

XIOC detected Domain: w.id

extracted_from_files

Domain

detected Domain: w.name

XIOC detected Domain: w.name

extracted_from_files

Domain

detected Domain: line.search

XIOC detected Domain: line.search

extracted_from_files

Domain

detected Domain: client.post

XIOC detected Domain: client.post

extracted_from_files

Domain

detected Domain: options.name

XIOC detected Domain: options.name

extracted_from_files

Domain

detected Domain: t.name

XIOC detected Domain: t.name

extracted_from_files

Domain

detected Domain: data.map

XIOC detected Domain: data.map

extracted_from_files

Domain

detected Domain: r.id

XIOC detected Domain: r.id

extracted_from_files

Domain

detected Domain: r.name

XIOC detected Domain: r.name

extracted_from_files

Domain

detected Domain: data.total

XIOC detected Domain: data.total

extracted_from_files

Domain

detected Domain: rows.map

XIOC detected Domain: rows.map

extracted_from_files

Domain

detected Domain: c.id

XIOC detected Domain: c.id

extracted_from_files

Domain

detected Domain: results.map

XIOC detected Domain: results.map

extracted_from_files

Domain

detected Domain: n.name

XIOC detected Domain: n.name

extracted_from_files

Domain

detected Domain: tana.health

XIOC detected Domain: tana.health

extracted_from_files

Domain

detected Domain: stmt.run

XIOC detected Domain: stmt.run

extracted_from_files

Domain

detected Domain: this.name

XIOC detected Domain: this.name

extracted_from_files

Domain

detected Domain: error.name

XIOC detected Domain: error.name

extracted_from_files

Domain

detected Domain: tags.map

XIOC detected Domain: tags.map

extracted_from_files

detected IP: e::

XIOC detected IP: e::

extracted_from_files

detected IP: ::

XIOC detected IP: ::

extracted_from_files

Domain

detected Domain: fabiogaliano.com

XIOC detected Domain: fabiogaliano.com

extracted_from_files

Domain

detected Domain: github.com

XIOC detected Domain: github.com

extracted_from_files

Domain

detected Domain: tana.inc

XIOC detected Domain: tana.inc

extracted_from_files

Domain

detected Domain: tana.nodes.search

XIOC detected Domain: tana.nodes.search

extracted_from_files

Security Analysis Summary

Security Analysis Overview

tana-mcp-codemode is a mcp extension published by fabiogaliano. Version 0.3.0 has been analyzed by the Risky Plugins security platform, receiving a risk score of 100/100 (CRITICAL risk) based on 192 security findings.

Risk Assessment

This extension presents critical security risk. Severe issues were detected, potentially including malware indicators, exposed secrets, or dangerous behaviors. Installation is strongly discouraged until these issues are addressed.

Findings Breakdown

Critical: 23 finding(s)
High: 65 finding(s)
Medium: 82 finding(s)

What Was Analyzed

The security assessment covers multiple analysis categories:

Malware Detection: YARA rule matching against 2,400+ malware signatures
Secret Detection: Scanning for exposed API keys, tokens, and credentials
Static Analysis: Code-level security analysis for common vulnerability patterns
Network Analysis: Detection of suspicious network communications and endpoints
Obfuscation Detection: Identification of code obfuscation techniques

Developer Information

tana-mcp-codemode is published by fabiogaliano on the mcp marketplace.

Recommendation

This extension is not recommended for installation without thorough manual review. Consider alternatives with lower risk scores, or contact the developer to address the identified security concerns.

Source Code Viewer

Source Code Not Available

Source code is not available for this version of the extension.

Frequently Asked Questions

Similar Extensions

Related extensions from the same publisher or marketplace

@koneksi/mcp-server

alvinreyes

CRITICAL

update-browserslist-db

CRITICAL

@iflow-mcp/intuit-quickbooks-online-mcp-server

chatflowdev

CRITICAL

@youtyan/browser-pilot

GitHub Actions

CRITICAL

second-brain-health-check

iwo-szapar

CRITICAL

@nitrostack/core

abhishekpanditoff

CRITICAL

Risk Assessment

Severity Breakdown

Finding Categories

YARA Rules Matched

MCP Server Analysis

About This Extension

Detailed Findings

MCP-TOOL-PROCESS-SPAWN-dist/entry-node.js-62

MCP-TOOL-PROCESS-SPAWN-src/compat/node.ts-40

MCP-TOOL-PROCESS-SPAWN-src/sandbox/workflow.ts-51

MCP-TOOL-PROCESS-SPAWN-src/api/tana.ts-76

MCP-TOOL-PROCESS-SPAWN-src/compat/types.ts-7

MCP-TOOL-PROCESS-SPAWN-dist/entry-node.js-829

MCP-TOOL-PROCESS-SPAWN-dist/entry-node.js-821

MCP-TOOL-PROCESS-SPAWN-dist/entry-node.js-61

MCP-TOOL-PROCESS-SPAWN-src/storage/history.ts-102

MCP-TOOL-PROCESS-SPAWN-dist/entry-node.js-886

MCP-TOOL-PROCESS-SPAWN-src/storage/history.ts-107

MCP-TOOL-PROCESS-SPAWN-src/compat/bun.ts-18

MCP-TOOL-PROCESS-SPAWN-dist/entry-node.js-804

MCP-TOOL-PROCESS-SPAWN-dist/entry-node.js-796

MCP-TOOL-PROCESS-SPAWN-dist/entry-node.js-876

MCP-TOOL-PROCESS-SPAWN-dist/entry-node.js-409

MCP-TOOL-PROCESS-SPAWN-src/storage/history.ts-77

MCP-TOOL-PROCESS-SPAWN-src/compat/node.ts-41

MCP-TOOL-PROCESS-SPAWN-dist/entry-node.js-825

MCP-TOOL-PROCESS-SPAWN-src/storage/history.ts-97

MCP-TOOL-PROCESS-SPAWN-src/debug-server.ts-47

MCP-TOOL-PROCESS-SPAWN-src/sandbox/workflow.ts-62

MCP-TOOL-PROCESS-SPAWN-src/storage/history.ts-66

MCP-TOOL-CREDENTIAL-ACCESS-dist/entry-node.js-764

MCP-TOOL-CREDENTIAL-ACCESS-src/api/client.ts-232

MCP-TOOL-CREDENTIAL-ACCESS-dist/entry-node.js-268

MCP-TOOL-CREDENTIAL-ACCESS-src/main.ts-14

MCP-TOOL-CREDENTIAL-ACCESS-src/storage/history.ts-22

MCP-TOOL-CREDENTIAL-ACCESS-src/storage/history.ts-21

MCP-TOOL-CREDENTIAL-ACCESS-src/api/client.ts-233

MCP-TOOL-CREDENTIAL-ACCESS-dist/entry-node.js-763

MCP-TOOL-CREDENTIAL-ACCESS-dist/entry-node.js-270

MCP-TOOL-CREDENTIAL-ACCESS-dist/entry-node.js-1243

MCP-TOOL-CREDENTIAL-ACCESS-dist/entry-node.js-1272

MCP-TOOL-CREDENTIAL-ACCESS-dist/entry-node.js-776

MCP-TOOL-CREDENTIAL-ACCESS-src/api/client.ts-231

MCP-TOOL-CREDENTIAL-ACCESS-dist/entry-node.js-269

MCP-TOOL-CREDENTIAL-ACCESS-src/storage/history.ts-37

MCP-TOOL-CREDENTIAL-ACCESS-src/main.ts-48

MCP-TOOL-CREDENTIAL-ACCESS-src/debug-server.ts-21

MCP-TOOL-NETWORK-ACCESS-src/debug-server.ts-58

MCP-TOOL-FILESYSTEM-ACCESS-src/api/tana.ts-170

MCP-TOOL-FILESYSTEM-ACCESS-dist/entry-node.js-971

MCP-TOOL-FILESYSTEM-ACCESS-src/sandbox/executor.ts-68

NET-FETCH-src/debug-server.ts-107

MCP-TOOL-FILESYSTEM-ACCESS-dist/entry-node.js-1159

NET-FETCH-src/debug-server.ts-81

MCP-TOOL-FILESYSTEM-ACCESS-src/debug-server.ts-194

MCP-TOOL-FILESYSTEM-ACCESS-src/prompts.ts-18

MCP-TOOL-NETWORK-ACCESS-dist/entry-node.js-188

NET-FETCH-dist/entry-node.js-188

MCP-TOOL-NETWORK-ACCESS-src/debug-server.ts-107

MCP-TOOL-NETWORK-ACCESS-src/debug-server.ts-81

MCP-TOOL-FILESYSTEM-ACCESS-dist/entry-node.js-515

NET-FETCH-src/api/client.ts-137

MCP-TOOL-NETWORK-ACCESS-src/api/client.ts-137

NET-FETCH-src/debug-server.ts-58

HASH-3fba34dfe82310d9

HASH-1d54bf56a6ef6857

HASH-84d520fbeef48ade

HASH-e8450b9fea42d819

HASH-7f24ba7a13c78195

HASH-4f0cf7b68d1d1d0d

HASH-ae515bcf57cb2607

HASH-a953277cfe8f5172

HASH-102645cd918a2be3

HASH-3c547cde881a0432

HASH-3622aafa79b156dd

HASH-457dc5862f8196e9

HASH-bdab0cfcb434e431

HASH-b9ca9abdbaf59d17

HASH-9569c7a2d692f476

HASH-4bc068ba2b5aa00c