We scanned 100 Smithery MCP servers and 22 came back with security findings
Dev.to AI • Generative AI
We built Bawbel, an open-source scanner for agentic AI components, and released v1.0.1 this week. Before announcing it anywhere, we wanted to answer one question: are real MCP servers actually vulnerable to the attack classes we've been documenting? So we scanned the top 100 servers on Smithery. Here's what came back.

The numbers

100 servers scanned. 22 had at least one finding. 28 findings total: 4 CRITICAL, 24 HIGH.

That's 1 in 5 servers in the top 100 of the most popular MCP registry flagging something. Some are genuine issues; some are probably false positives.