OsVault/npm/mcp-watch
npm

mcp-watch

1 known vulnerability · 0 critical · 0 high

CVE-2025-66401

MCP Watch has a Critical Command Injection in cloneRepo allows Remote Code Execution (RCE) via malicious URL

Published Dec 2, 2025
Check your entire dependency tree at onceRun dependency scan →