Is @contextstream/mcp-server safe to install?

@contextstream/mcp-server was flagged as CRITICAL RISK (risk score 851) with 37 findings detected across 30 files. Review the findings before installing.

What security issues were found in @contextstream/mcp-server?

Sigil detected 37 findings in @contextstream/mcp-server, including patterns related to network_exfil, install_hooks, code_patterns, obfuscation. See the full scan report for details.

@contextstream/mcp-server Security Scan — CRITICAL RISK | Sigil

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

package/dist/hooks/runner.js:1098

When mentioning the update, provide these commands (user can choose their preferred method):
- macOS/Linux: curl -fsSL https://contextstream.io/scripts/setup.sh | bash
- Windows: irm https://contextstream.io/scripts/setup.ps1 | iex

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

package/dist/hooks/runner.js:1184

        command = "bash";
        args = ["-c", "curl -fsSL https://contextstream.io/scripts/setup.sh | bash"];
        shell = false;

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

package/dist/hooks/runner.js:1263

      npm: "npm install -g @contextstream/mcp-server@latest",
      macLinux: "curl -fsSL https://contextstream.io/scripts/setup.sh | bash",
      windows: "irm https://contextstream.io/scripts/setup.ps1 | iex"

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

package/dist/hooks/runner.js:2742

  2. Provide update commands (user chooses preferred method):
     - macOS/Linux: \`curl -fsSL https://contextstream.io/scripts/setup.sh | bash\`
     - Windows: \`irm https://contextstream.io/scripts/setup.ps1 | iex\`

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

package/dist/hooks/runner.js:3108

- **[VERSION_NOTICE]** or **[VERSION_CRITICAL]**: Tell user about the update in a helpful, non-annoying way. Provide update commands:
  - macOS/Linux: \`curl -fsSL https://contextstream.io/scripts/setup.sh | bash\`
  - Windows: \`irm https://contextstream.io/scripts/setup.ps1 | iex\`

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

package/dist/hooks/runner.js:3339

\`\`\`bash
curl -fsSL https://contextstream.io/scripts/setup.sh | bash
\`\`\`

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

package/dist/hooks/session-init.js:24

  npm: "npm install -g @contextstream/mcp-server@latest",
  macLinux: "curl -fsSL https://contextstream.io/scripts/setup.sh | bash",
  windows: "irm https://contextstream.io/scripts/setup.ps1 | iex"

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

package/dist/hooks/session-init.js:176

When mentioning the update, provide these commands (user can choose their preferred method):
- macOS/Linux: curl -fsSL https://contextstream.io/scripts/setup.sh | bash
- Windows: irm https://contextstream.io/scripts/setup.ps1 | iex

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

package/dist/hooks/session-init.js:262

        command = "bash";
        args = ["-c", "curl -fsSL https://contextstream.io/scripts/setup.sh | bash"];
        shell = false;

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

package/dist/hooks/session-init.js:653

  2. Provide update commands (user chooses preferred method):
     - macOS/Linux: \`curl -fsSL https://contextstream.io/scripts/setup.sh | bash\`
     - Windows: \`irm https://contextstream.io/scripts/setup.ps1 | iex\`

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

package/dist/hooks/session-init.js:1019

- **[VERSION_NOTICE]** or **[VERSION_CRITICAL]**: Tell user about the update in a helpful, non-annoying way. Provide update commands:
  - macOS/Linux: \`curl -fsSL https://contextstream.io/scripts/setup.sh | bash\`
  - Windows: \`irm https://contextstream.io/scripts/setup.ps1 | iex\`

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

package/dist/hooks/session-init.js:1250

\`\`\`bash
curl -fsSL https://contextstream.io/scripts/setup.sh | bash
\`\`\`

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

package/dist/hooks/user-prompt-submit.js:17

  npm: "npm install -g @contextstream/mcp-server@latest",
  macLinux: "curl -fsSL https://contextstream.io/scripts/setup.sh | bash",
  windows: "irm https://contextstream.io/scripts/setup.ps1 | iex"

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

package/dist/hooks/user-prompt-submit.js:169

When mentioning the update, provide these commands (user can choose their preferred method):
- macOS/Linux: curl -fsSL https://contextstream.io/scripts/setup.sh | bash
- Windows: irm https://contextstream.io/scripts/setup.ps1 | iex

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

package/dist/index.js:247

When mentioning the update, provide these commands (user can choose their preferred method):
- macOS/Linux: curl -fsSL https://contextstream.io/scripts/setup.sh | bash
- Windows: irm https://contextstream.io/scripts/setup.ps1 | iex

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

package/dist/index.js:350

        command = "bash";
        args = ["-c", "curl -fsSL https://contextstream.io/scripts/setup.sh | bash"];
        shell = false;

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

package/dist/index.js:429

      npm: "npm install -g @contextstream/mcp-server@latest",
      macLinux: "curl -fsSL https://contextstream.io/scripts/setup.sh | bash",
      windows: "irm https://contextstream.io/scripts/setup.ps1 | iex"

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

package/dist/index.js:3818

  2. Provide update commands (user chooses preferred method):
     - macOS/Linux: \`curl -fsSL https://contextstream.io/scripts/setup.sh | bash\`
     - Windows: \`irm https://contextstream.io/scripts/setup.ps1 | iex\`

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

package/dist/index.js:4184

- **[VERSION_NOTICE]** or **[VERSION_CRITICAL]**: Tell user about the update in a helpful, non-annoying way. Provide update commands:
  - macOS/Linux: \`curl -fsSL https://contextstream.io/scripts/setup.sh | bash\`
  - Windows: \`irm https://contextstream.io/scripts/setup.ps1 | iex\`

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

package/dist/index.js:4415

\`\`\`bash
curl -fsSL https://contextstream.io/scripts/setup.sh | bash
\`\`\`

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-makefile-curl

HIGH

Makefile/script pipes remote content to shell

package/dist/test-server.js:4058

  npm: "npm install -g @contextstream/mcp-server@latest",
  macLinux: "curl -fsSL https://contextstream.io/scripts/setup.sh | bash",
  windows: "irm https://contextstream.io/scripts/setup.ps1 | iex"

Why was this flagged?

A script or Makefile pipes content from a remote URL directly into a shell (curl | sh or wget | bash). This is inherently dangerous because the remote content can change at any time, and the command runs with the current user's permissions. Rated HIGH because it requires manual execution (unlike install hooks) but still executes arbitrary remote code.

install-npm-postinstall

CRITICAL

npm lifecycle script — runs automatically on install

package/package.json:34

    "prepublishOnly": "npm run build",
    "postinstall": "node scripts/postinstall.js"
  },

Why was this flagged?

npm lifecycle scripts like postinstall run automatically during package installation with no user interaction required. This is the #1 attack vector for malicious npm packages — attackers embed data theft or backdoor installation in these hooks. Rated CRITICAL because code executes before the developer can review it.

@contextstream/mcp-server

Summary

Provenance

Findings by Phase

Install Hooks

Code Patterns

Obfuscation

Network / Exfiltration

Badge

Scan your own packages

Get threat intelligence and product updates

Other npm scans