v0.2.0 · live
CAPFRAME
← leaderboard/rank #73
§ serverregistryfindings.v2

currents-mcp

npm:@currents/mcp@2.3.3

github.com/currents-dev

Score
C60
Findings
10
Tools
38
Last scan
2026-06-27

Severity breakdown

Critical0
High10
Medium0
Low0
Info0

Worst finding

Tool `currents-create-action` name implies a side effect that is not declared

· currents-create-action

`currents-create-action` looks like a side-effecting tool (its name contains a mutation verb), but its `side_effects` declaration is []. A policy synthesizer cannot produce safe rules for this tool because it cannot tell what it actually does.

fix: Declare the tool's true side effects explicitly. If the tool is genuinely read-only, rename it to match (e.g. `email.preview` rather than `email.send`).

All 10 findings

  1. high
    Tool `currents-create-action` name implies a side effect that is not declared· currents-create-actionexcessive agency

    `currents-create-action` looks like a side-effecting tool (its name contains a mutation verb), but its `side_effects` declaration is []. A policy synthesizer cannot produce safe rules for this tool because it cannot tell what it actually does.

    fix: Declare the tool's true side effects explicitly. If the tool is genuinely read-only, rename it to match (e.g. `email.preview` rather than `email.send`).

  2. high
    Tool `currents-update-action` name implies a side effect that is not declared· currents-update-actionexcessive agency

    `currents-update-action` looks like a side-effecting tool (its name contains a mutation verb), but its `side_effects` declaration is []. A policy synthesizer cannot produce safe rules for this tool because it cannot tell what it actually does.

    fix: Declare the tool's true side effects explicitly. If the tool is genuinely read-only, rename it to match (e.g. `email.preview` rather than `email.send`).

  3. high
    Tool `currents-delete-action` name implies a side effect that is not declared· currents-delete-actionexcessive agency

    `currents-delete-action` looks like a side-effecting tool (its name contains a mutation verb), but its `side_effects` declaration is []. A policy synthesizer cannot produce safe rules for this tool because it cannot tell what it actually does.

    fix: Declare the tool's true side effects explicitly. If the tool is genuinely read-only, rename it to match (e.g. `email.preview` rather than `email.send`).

  4. high
    Tool `currents-create-jira-issue` name implies a side effect that is not declared· currents-create-jira-issueexcessive agency

    `currents-create-jira-issue` looks like a side-effecting tool (its name contains a mutation verb), but its `side_effects` declaration is []. A policy synthesizer cannot produce safe rules for this tool because it cannot tell what it actually does.

    fix: Declare the tool's true side effects explicitly. If the tool is genuinely read-only, rename it to match (e.g. `email.preview` rather than `email.send`).

  5. high
    Tool `currents-cancel-run` name implies a side effect that is not declared· currents-cancel-runexcessive agency

    `currents-cancel-run` looks like a side-effecting tool (its name contains a mutation verb), but its `side_effects` declaration is []. A policy synthesizer cannot produce safe rules for this tool because it cannot tell what it actually does.

    fix: Declare the tool's true side effects explicitly. If the tool is genuinely read-only, rename it to match (e.g. `email.preview` rather than `email.send`).

  6. high
    Tool `currents-delete-run` name implies a side effect that is not declared· currents-delete-runexcessive agency

    `currents-delete-run` looks like a side-effecting tool (its name contains a mutation verb), but its `side_effects` declaration is []. A policy synthesizer cannot produce safe rules for this tool because it cannot tell what it actually does.

    fix: Declare the tool's true side effects explicitly. If the tool is genuinely read-only, rename it to match (e.g. `email.preview` rather than `email.send`).

  7. high
    Tool `currents-cancel-run-github-ci` name implies a side effect that is not declared· currents-cancel-run-github-ciexcessive agency

    `currents-cancel-run-github-ci` looks like a side-effecting tool (its name contains a mutation verb), but its `side_effects` declaration is []. A policy synthesizer cannot produce safe rules for this tool because it cannot tell what it actually does.

    fix: Declare the tool's true side effects explicitly. If the tool is genuinely read-only, rename it to match (e.g. `email.preview` rather than `email.send`).

  8. high
    Tool `currents-create-webhook` name implies a side effect that is not declared· currents-create-webhookexcessive agency

    `currents-create-webhook` looks like a side-effecting tool (its name contains a mutation verb), but its `side_effects` declaration is []. A policy synthesizer cannot produce safe rules for this tool because it cannot tell what it actually does.

    fix: Declare the tool's true side effects explicitly. If the tool is genuinely read-only, rename it to match (e.g. `email.preview` rather than `email.send`).

  9. high
    Tool `currents-update-webhook` name implies a side effect that is not declared· currents-update-webhookexcessive agency

    `currents-update-webhook` looks like a side-effecting tool (its name contains a mutation verb), but its `side_effects` declaration is []. A policy synthesizer cannot produce safe rules for this tool because it cannot tell what it actually does.

    fix: Declare the tool's true side effects explicitly. If the tool is genuinely read-only, rename it to match (e.g. `email.preview` rather than `email.send`).

  10. high
    Tool `currents-delete-webhook` name implies a side effect that is not declared· currents-delete-webhookexcessive agency

    `currents-delete-webhook` looks like a side-effecting tool (its name contains a mutation verb), but its `side_effects` declaration is []. A policy synthesizer cannot produce safe rules for this tool because it cannot tell what it actually does.

    fix: Declare the tool's true side effects explicitly. If the tool is genuinely read-only, rename it to match (e.g. `email.preview` rather than `email.send`).

How this was scored

Source registry tool surface extracted from the package's README + manifest (R3/R5/R6/R7 fire; schema-dependent rules deferred). Findings are emitted by the public capframe.findings.v1 schema. Score = 100 − (10·Critical + 4·High + 2·Medium + 1·Low), clamped to [0, 100].

Disagree with a finding? Open an issue.