MCPSafe (mcpsafe.io) runs automated security scans of Model Context Protocol (MCP) server repositories using a five-model LLM judge panel and a purpose-built scoring rubric called AIVSS (AI Vulnerability Severity Score). Over the past three months, we've scanned 50+ MCP servers across GitHub, npm, and PyPI — and the results are sobering. TL;DR: the majority receive a grade of D or lower. The most common critical vulnerability is indirect prompt injection: servers that fetch Jira tickets, GitHub issues, Confluence pages, or web content and return it verbatim to the LLM, with no mechanism to distinguish attacker-controlled data from trusted instructions. Here's what we found — and what server authors need to fix. What is MCPSafe? MCPSafe (mcpsafe.io) is an automated security analysis platform for MCP server repositories.…