Search • Sprawl Radar • TrustOps • Gateway • Ledger • Mandates • Hosting • Docs Compiler • Demo • Plans • Shortlists • Rankings • Compare • ChatGPT compatible • Claude compatible • Healthcare • Digests • RSS • RSS XML • Backfill • MCP API
AGENT SPRAWL RADAR
github-write-mcp
Agent trust inventory, risk explanation, tools, data access, and drift.
Risk score
49
medium
Owner
Unassigned
Status
unreviewed
Recommended action
Require approval before production use because repository write access, confidential data access, no assigned owner.
Findings
| Severity | Code | Title | Description | Evidence |
|---|---|---|---|---|
| medium | TOOL_CODE_REPO | Code Repo access | Agent has code repo capability that should be inventoried. | github |
| medium | DATA_CONFIDENTIAL | CONFIDENTIAL data access | Agent appears to access confidential data. | MCP server can write repository content |
| medium | NO_OWNER | No owner assigned | Agent has no accountable owner in the registry. | .cursor/mcp.json |
| high | TOOL_WRITE_ACCESS | Write, admin, or execute access | Agent can mutate systems, administer resources, or execute operations. | github |
Tools
| Name | Category | Action | Target |
|---|---|---|---|
| github | code_repo | write | github.com/example/platform |
Data access
| Class | Location | Evidence |
|---|---|---|
| confidential | repo contents | MCP server can write repository content |
Drift history
- No drift recorded.
Raw config
{
"GITHUB_TOKEN": "[REDACTED]",
"args": [
"github-mcp-server"
],
"command": "npx"
}