THRONE

mongodb-mcp-server

npm / sealed 2026-06-12 / No. 1ee464f3

> throne registry mongodb-mcp-server sealed
This target couldn't be started as an MCP server
never completed an MCP handshake — this target may not be an MCP server, or may need a manual build / non-Node runtime
receipt / sealed evidence
scan id: 1ee464f3d6684ccaa6f5ac9aacbdc433
target: mongodb-mcp-server
sealed at: 2026-06-12 18:21:22Z
evidence hash: sha256:95d7d4da5b4442102c57041a43efb958fa1e650f74f758aa3a467f4ac6d3c11e

01 connect / FAIL / 10.1s
step timed out after 10s

02 discover / SKIPPED / 0ms
not run — connect failed

03 validate_schemas / SKIPPED / 0ms
not run — connect failed

04 smoke_test_tools / SKIPPED / 0ms
not run — connect failed

05 error_handling / SKIPPED / 0ms
not run — connect failed

06 streaming / SKIPPED / 0ms
not run — connect failed

07 resource_lifecycle / SKIPPED / 0ms
not run — connect failed

08 concurrent_calls / SKIPPED / 0ms
not run — connect failed

09 reconnect / SKIPPED / 0ms
not run — connect failed

01 connect / FAIL / 10.2s
step timed out after 10s

02 discover / SKIPPED / 0ms
not run — connect failed

03 validate_schemas / SKIPPED / 0ms
not run — connect failed

04 smoke_test_tools / SKIPPED / 0ms
not run — connect failed

05 error_handling / SKIPPED / 0ms
not run — connect failed

06 streaming / SKIPPED / 0ms
not run — connect failed

07 resource_lifecycle / SKIPPED / 0ms
not run — connect failed

08 concurrent_calls / SKIPPED / 0ms
not run — connect failed

09 reconnect / SKIPPED / 0ms
not run — connect failed

chatgpt desktop / emulation profile pending real-traffic capture / COMING SOON
SECURITY: REVIEW / 4 finding(s) / review material, not a verdict
MEDIUM / THR-EXEC-04 / Arbitrary command execution from tool arguments

exec() called with a dynamically built command (heuristic — review): 'cmd, (error) => {'

package/dist/esm/setup/aiTool.js:190
LOW / THR-NET-05 / Hardcoded outbound endpoints

15 non-local endpoint host(s) referenced in code — verify each is expected for this server's purpose: api.example.com (package/dist/cjs/tools/atlas/streams/build.js:73), cloud.mongodb.com (package/dist/cjs/common/config/userConfig.js:14), d2va9gm4j17fy9.cloudfront.net (package/dist/cjs/ui/lib/tools/list-databases.d.ts:7), dochub.mongodb.org (package/dist/cjs/tools/atlas/connect/connectCluster.js:15), forum.cursor.com (package/dist/cjs/common/exportsManager.d.ts:45), html.spec.whatwg.org (package/dist/cjs/ui/lib/tools/list-databases.d.ts:7), hub.docker.com (package/dist/cjs/tools/atlasLocal/create/createDeployment.js:13), jira.mongodb.org (package/dist/cjs/common/exportsManager.d.ts:46), knowledge.mongodb.com (package/dist/cjs/common/config/userConfig.js:18), reactjs.org (package/dist/cjs/ui/lib/tools/list-databases.d.ts:7), schema-registry.example.com (package/dist/cjs/tools/atlas/streams/build.js:59), skills.sh (package/dist/cjs/setup/aiTool.d.ts:37), testing-library.com (package/dist/cjs/ui/lib/tools/list-databases.d.ts:7), testing-playground.com (package/dist/cjs/ui/lib/tools/list-databases.d.ts:7), www.mongodb.com (package/dist/cjs/common/atlas/performanceAdvisorUtils.d.ts:8)

package/dist/cjs/common/atlas/performanceAdvisorUtils.d.ts:8
MEDIUM / THR-PROMPT-07 / Prompt injection via tool descriptions

6 invisible unicode character(s) (zero-width/soft hyphen) — a known vector for hiding instructions from human review

package/dist/cjs/ui/lib/tools/list-databases.js:10
MEDIUM / THR-PROMPT-07 / Prompt injection via tool descriptions

6 invisible unicode character(s) (zero-width/soft hyphen) — a known vector for hiding instructions from human review

package/dist/esm/ui/lib/tools/list-databases.js:7
VERDICT: INCONCLUSIVE
SANDBOXED RUN — submitted server executed in a disposable microVM — compatibility not assessable: the server process ran but never completed an MCP handshake — this target may not be an MCP server, or may need a manual build / non-Node runtime / security: review — 4 finding(s), 0 high
sealed by THRONE / No. 1ee464f3 / 2026-06-12
executed in a disposable microVM, created for this scan and destroyed after it. nothing outlives a run.

maintainer of this server? challenge this record: hello@usethrone.dev. tell us what we got wrong and we re-run it in the open.

this page renders the stored record of a real run. nothing on it is asserted without the execution that proved it.