Is mamertofabian/mcp-everything-search safe?
https://github.com/mamertofabian/mcp-everything-search
This is a well-implemented, legitimate MCP server providing cross-platform file search capabilities using native system tools. The code quality is high with proper error handling and platform abstraction, though it carries inherent privacy considerations due to its file search functionality.
Category Scores
Findings (3)
MEDIUM File search functionality could access sensitive files -20 ▶
The MCP server provides cross-platform file search capabilities that could potentially be used to locate sensitive files like .env, SSH keys, or credentials. While this is the intended functionality of a search tool, it poses inherent privacy risks if misused.
LOW External DLL dependency for Windows functionality -10 ▶
Windows functionality requires the Everything SDK DLL (Everything64.dll) which must be obtained separately. While not inherently dangerous, external dependencies can introduce additional attack vectors.
LOW Inherent risks of search tool functionality -15 ▶
As a file search tool, this skill has inherent capability to access and index file system contents. While implemented legitimately, users should be aware that search functionality could be leveraged to discover sensitive information.