Is mcp-remote proxy safe?
mcp-remote is an AI npm_package analyzed by SkillTotal's deterministic static scanner. The scan found no malicious indicators. It can: no notable capabilities — capabilities are what the code can do, not a verdict on intent. Risk score 0/100 (low).
mcp-remote 0.1.38
npm_package · npm:mcp-remote
LOW
0
/ 100 malicious-risk
Snapshot · scanned Jun 20, 2026 · mcp-remote@0.1.38 · engine 0.18.0 / ruleset 19
No significant risks found
No malicious indicators found by static analysis.
Check your own component
Run the same evidence-backed scan on any MCP server, agent skill, or package.
Scan your own componentOr get notified if this component's risk changes:
How we determine this: deterministic static analysis (regex + AST), evidence-anchored, no code execution. Methodology →