ToolProof Trust Profile

ai-smithery-smithery-ai-cookbook-ts-smithery-cli

Meaningful risk signals. Review before team or production use.

29risk score
Review Firstconnection signal
sensitive_contextrisk type
86evidence score
Source: https://github.com/smithery-ai/smithery-cookbook/tree/main/servers/typescript/migrate_stdio_to_http/server_with_smithery_cli
Registry: ai.smithery/smithery-ai-cookbook-ts-smithery-cli 1.0.0

Connection signal

Meaningful risk signals. Review before team or production use.

Observed tools

  • count_characters

Top findings

  • Detected capability: environment_access — src/index.ts:76
  • Install risk pattern: npm_lifecycle_script — package.json:16
  • Install risk pattern: unpinned_dependency — package.json:22

Recommended controls

  • Install in a sandbox before team or production use.
  • Pin the exact package/repository version.
  • Review install scripts, Dockerfile behavior, and dependency pins.

Static analysis can miss behavior. This profile is an connection review signal, not production approval.