research-powerpack-mcp

The server uses standard environment variables for all API keys, preventing hardcoded secrets. It communicates via standard I/O (`StdioServerTransport`), which significantly limits the external attack surface compared to a network-exposed server. The `deep_research` tool's file attachment feature allows reading local files based on user-provided absolute paths. While this is a core functionality for a coding agent to provide context (e.g., code snippets for debugging), it presents a potential risk if the calling LLM or user provides malicious paths, potentially exposing local file content. However, the server's implementation processes these files for informational context (e.g., in a code block), not execution, and includes `existsSync` checks. No `eval` or obvious obfuscation was found. Overall, the server appears reasonably secure for its intended use within an LLM agent context.