Scan Report
0 /100
subgraph-registry-mcp
MCP server for agent-friendly subgraph discovery on The Graph Network. 15,500+ classified subgraphs with reliability scoring.
This is a legitimate MCP server for The Graph Network subgraph discovery with clean, focused code matching its declared purpose. No malicious behavior detected.
Safe to install
No action required. The skill is safe for use.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Network | READ | READ | ✓ Aligned | All network calls go to https://gateway.thegraph.com/api/ (legitimate The Graph … |
| Filesystem | NONE | READ | ✓ Aligned | Reads local data files (registry.db, registry.json) within python/data/ director… |
| Shell | NONE | NONE | — | No shell execution found anywhere in the codebase |
| Environment | NONE | NONE | — | os.environ only reads optional GATEWAY_API_KEY from .env — used only for The Gra… |
| Skill Invoke | NONE | NONE | — | No cross-skill invocation |
14 findings
| Severity | Type | URL | Location |
|---|---|---|---|
| Medium | External URL | https://glama.ai/mcp/servers/PaulieB14/subgraph-registry | README.md:3 |
| Medium | External URL | https://glama.ai/mcp/servers/PaulieB14/subgraph-registry/badge | README.md:4 |
| Medium | External URL | https://thegraph.com | README.md:7 |
| Medium | External URL | https://glama.ai/mcp/schemas/server.json | glama.json:2 |
| Medium | External URL | https://gateway.thegraph.com/api/ | python/crawler.py:38 |
| Medium | External URL | https://gateway.thegraph.com/api/subgraphs/id/ | python/crawler.py:40 |
| Medium | External URL | https://gateway.thegraph.com/api/[api-key | python/mcp_server.py:140 |
| Medium | External URL | https://thegraph.com/studio/apikeys/ | python/mcp_server.py:148 |
| Medium | External URL | https://uniswap.org | python/test_classifier.py:11 |
| Medium | External URL | https://aave.com | python/test_classifier.py:31 |
| Medium | External URL | https://ens.domains | python/test_classifier.py:53 |
| Medium | External URL | https://premia.blue | python/test_classifier.py:72 |
| Medium | External URL | https://static.modelcontextprotocol.io/schemas/2025-12-11/server.schema.json | server.json:2 |
| Medium | External URL | https://gateway.thegraph.com/api/YOUR_KEY/subgraphs/id/$ | src/index.js:288 |
File Tree
15 files · 111.5 KB · 3171 lines
- Python: 7 files · 2361 lines
- JavaScript: 1 file · 480 lines
- Markdown: 2 files · 247 lines
- JSON: 4 files · 78 lines
- Text: 1 file · 5 lines

├─ python/
│  ├─ data/
│  │  └─ sync-state.json (JSON)
│  ├─ classifier.py (Python)
│  ├─ crawler.py (Python)
│  ├─ mcp_server.py (Python)
│  ├─ registry.py (Python)
│  ├─ requirements.txt (Text)
│  ├─ scheduler.py (Python)
│  ├─ server.py (Python)
│  └─ test_classifier.py (Python)
├─ src/
│  └─ index.js (JavaScript)
├─ glama.json (JSON)
├─ package.json (JSON)
├─ README.md (Markdown)
├─ server.json (JSON)
└─ SKILL.md (Markdown)
Dependencies 8 items
| Package | Version | Source | Known Vulns | Notes |
|---|---|---|---|---|
| @modelcontextprotocol/sdk | ^1.12.1 | npm | No | Official MCP SDK |
| better-sqlite3 | ^11.8.2 | npm | No | Read-only SQLite usage confirmed in code |
| express | ^4.21.0 | npm | No | HTTP transport only, opt-in |
| httpx | >=0.27 | pip | No | Minimum version pinned |
| polars | >=1.0 | pip | No | Minimum version pinned |
| fastapi | >=0.115 | pip | No | Minimum version pinned |
| uvicorn | >=0.32 | pip | No | Minimum version pinned |
| pydantic | >=2.0 | pip | No | Minimum version pinned |
Security Positives
✓ Clean codebase with no obfuscation, base64, or eval() usage
✓ All 4 tools (search_subgraphs, recommend_subgraph, get_subgraph_detail, list_registry_stats) fully implemented and match SKILL.md declarations
✓ Network access exclusively targets legitimate services: The Graph Gateway API and the skill's own GitHub-hosted registry database
✓ Database reads are local-only SQLite queries with no outbound transmission of data
✓ Credential handling: GATEWAY_API_KEY is optional, read only from .env for API authentication, never exfiltrated
✓ Dependency pinning: requirements.txt pins httpx>=0.27, polars>=1.0, fastapi>=0.115, uvicorn>=0.32, pydantic>=2.0 (all minimum version constraints)
✓ No credential harvesting patterns: no iteration over os.environ for secrets, no ~/.ssh or ~/.aws access
✓ No remote code execution: no subprocess, no curl|bash, no wget|sh patterns
✓ No persistence mechanisms: no cron jobs, no startup hooks, no backdoor installation
✓ No supply chain threats: all dependencies are from well-known packages (MCP SDK, better-sqlite3, express)
✓ SSE/HTTP transport is explicitly opt-in via --http or --http-only flags and runs on localhost
✓ Database is read-only (readonly: true on better-sqlite3 connection)