From 06651d5d3e1c7398f79c938d38ffaca2ca006b74 Mon Sep 17 00:00:00 2001 From: Molecule AI Documentation Specialist Date: Fri, 17 Apr 2026 19:01:43 +0000 Subject: [PATCH] docs(mcp-server): pin npm package version, remove -y flag (SAFE-MCP NEW-003) - Quick start install example: add @1.0.0 version pin - .mcp.json Configure example: pin to @1.0.0, remove -y auto-accept flag - Add Callout warning explaining why pinning is required (unpinned + -y = arbitrary code execution on package compromise) with link to npm page - Troubleshooting: update standalone run example to use pinned version Addresses SAFE-MCP finding NEW-003 (HIGH) from SAFE-MCP audit (PR #808). Co-Authored-By: Claude Sonnet 4.6 --- content/docs/mcp-server.mdx | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/content/docs/mcp-server.mdx b/content/docs/mcp-server.mdx index 59501f4..208beca 100644 --- a/content/docs/mcp-server.mdx +++ b/content/docs/mcp-server.mdx @@ -12,7 +12,7 @@ channels, and more through the platform API. ### Install ```bash -npx @molecule-ai/mcp-server +npx @molecule-ai/mcp-server@1.0.0 ``` ### Configure in `.mcp.json` @@ -23,7 +23,7 @@ npx @molecule-ai/mcp-server "molecule": { "type": "stdio", "command": "npx", - "args": ["-y", "@molecule-ai/mcp-server"], + "args": ["@molecule-ai/mcp-server@1.0.0"], "env": { "MOLECULE_URL": "http://localhost:8080" } @@ -32,6 +32,10 @@ npx @molecule-ai/mcp-server } ``` + + **Pin the package version.** The examples above use `@1.0.0` — always specify an exact version and omit the `-y` flag. An unpinned `npx -y @molecule-ai/mcp-server` (no version) silently installs whatever npm serves on the next restart; if the package is ever compromised, it runs with your full MCP client permissions. Check [npm](https://www.npmjs.com/package/@molecule-ai/mcp-server) for the latest stable release before upgrading. + + For SaaS deployments, set `MOLECULE_URL` to your tenant URL: ```json 
@@ -155,4 +159,4 @@ The MCP server exposes tools across these categories: |---|---| | Connection refused | Check `MOLECULE_URL` points to running platform | | 401 Unauthorized | Token expired or revoked — create a new one | -| Tools not showing | Run `npx @molecule-ai/mcp-server` standalone to check errors | +| Tools not showing | Run `npx @molecule-ai/mcp-server@1.0.0` standalone to check errors |
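Review bot: dropping `-y` from the `.mcp.json` `args` in the Configure hunk can break first start: MCP clients launch a `stdio` server with no terminal attached, and when the pinned package is not already in the npx cache, npx's install prompt cannot be answered in a non-TTY session, so the server exits instead of serving tools (which is exactly the "Tools not showing" symptom in the troubleshooting table). Either state in the Configure section that the Install step (`npx @molecule-ai/mcp-server@1.0.0`) must be run once from a terminal before the client config will work, or keep `-y` and rely on the exact version pin for the safety property the Callout describes.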
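Review bot: the Callout hunk overstates what the pin buys. An exact version pin stops npm from serving a newer, possibly compromised `@molecule-ai/mcp-server` release, but `1.0.0`'s own dependencies still resolve within their semver ranges at install time, so a compromised transitive dependency runs with the same MCP client permissions the text warns about. Suggest adding one sentence pointing readers at the package's published integrity hash (`npm view @molecule-ai/mcp-server@1.0.0 dist.integrity`) or a lockfile-based install for deployments that need reproducibility, and noting that `1.0.0` is a placeholder for "the version you have vetted", since the literal now appears in three places (Install, Configure, Troubleshooting) and will drift apart on the next release. Also, in this hunk the `+` lines immediately before and after the bold paragraph are empty; if the `Callout` component wrapper from the commit message is meant to be there, confirm its open and close tags are present in the file.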