I Audited 7 Official MCP Servers — Here Is What I Found

Every MCP server in the official repo has the same security gap. Not a vulnerability exactly — more like a missing seatbelt that everyone forgot to install. I ran mcp-security-audit against 7 servers from modelcontextprotocol/servers . The tool connects via stdio, enumerates every tool and parameter, and scores them across documentation, schema rigor, injection safety, scope control, and metadata hygiene. Results Server Tools Score Grade Notable Finding Fetch 1 100/100 A Clean. Zero findings. SQLite 6 95/100 A Unconstrained SQL query strings Time 2 95/100 A Unconstrained timezone strings GitHub 26 94/100 A create_or_update_file flagged as unexpected FILE capability Memory 9 92/100 A Unconstrained search query Git 12 90/100 A 18 unconstrained string parameters Filesystem 14 85/100 B read_media_file triggers base64 injection detector 5 Grade A, 2 Grade B. No critical vulnerabilities. The official servers are generally well-built. But there's a pattern. The Universal Weakness: Unconstrain