ToolProof Trust Profile

ai-drillr-drillr

Meaningful risk signals. Review before team or production use.

9risk score
Review Firstconnection signal
install_chainrisk type
29evidence score
Source: https://github.com/Little-Grebe-Inc/drillr-mcp-server
Registry: ai.drillr/drillr 2.1.0

Connection signal

Meaningful risk signals. Review before team or production use.

Observed tools

  • None observed in this static profile.

Top findings

  • References credential or secret pattern: API_KEY_GENERIC — .claude-plugin/plugin.json:24

Recommended controls

  • Install in a sandbox before team or production use.
  • Pin the exact package/repository version.
  • Review install scripts, Dockerfile behavior, and dependency pins.

Static analysis can miss behavior. This profile is an connection review signal, not production approval.