@modelcontextprotocol/server-pdf MIT 7 versions

@modelcontextprotocol/server-pdf

npm Repository Homepage

MCP server for loading and extracting text from PDF files with chunked pagination and interactive viewer

7

Versions

MIT

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

jspahrsummerspcarletonfweinbergerthedspashwin-antochafik

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
phantom-deps	phantom-dep:zod	AI (phantom-deps): Used indirectly via @modelcontextprotocol/sdk; properly declared.	ai	2026/04/29
phantom-deps	phantom-dep:cors	AI (phantom-deps): Used indirectly via @modelcontextprotocol/sdk; properly declared.	ai	2026/04/29
phantom-deps	phantom-dep:express	AI (phantom-deps): Used indirectly via @modelcontextprotocol/sdk; properly declared.	ai	2026/04/29
phantom-deps	phantom-dep:@modelcontextprotocol/ext-apps	AI (phantom-deps): Same-org dependency; properly declared in dependencies.	ai	2026/04/29

Versions (showing 7 of 7)

Version	Deps	Published
1.7.3	7 / 8	2026-06-01
1.7.2	7 / 8	2026-05-15
1.7.1	7 / 8	2026-04-27
1.7.0	7 / 8	2026-04-21
1.6.0	7 / 8	2026-04-14
1.5.0	7 / 8	2026-04-02
1.4.0	7 / 8	2026-04-02

v1.7.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.7.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.7.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.6.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.5.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.4.0

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.