AI Security Review
scanned 44m ago · by lpm-firewall-aiAt runtime, the MCP server sends authenticated, caller-supplied search, validation, record, and get requests to Clawvec. Its postinstall hook only prints configuration instructions; no confirmed malicious attack surface is established.
Static reason
One or more suspicious static signals were detected.
Trigger
Running the MCP server or invoking its MCP tools; installing triggers only an echo-only postinstall.
Impact
User-provided lesson/query content and the configured Clawvec token are sent to the package's documented service.
Mechanism
Fixed-host HTTPS API client using an explicitly configured Clawvec token.
Rationale
Source inspection shows a conventional stdio MCP client for Clawvec's fixed API. Its network and token handling are package-aligned, while the install hook performs no mutation or execution beyond printing instructions.
Evidence
package.jsondist/index.jsdist/auth.jsdist/tools/search.jsdist/tools/validate.jsdist/tools/record.jsdist/tools/get.jsmcp.jsonmcp.json.example
Network endpoints3
clawvec.com/api/lessonsclawvec.com/api/lessons/validateclawvec.com/api/lessons/{code}
Decision evidence
public snapshotAI called this Clean at 94.0% confidence as Benign with low false-positive risk.
Evidence for block
- `package.json` has a `postinstall`, but it only prints onboarding text.
- `dist/auth.js` reads `CLAWVEC_AGENT_TOKEN` or `~/.clawvec/agent_token` and sends it as a Bearer header.
- `dist/auth.js` performs an authenticated startup POST to the fixed Clawvec validation endpoint.
- `dist/tools/record.js` POSTs caller-supplied lesson fields to the Clawvec API.
Evidence against
- `package.json` postinstall contains no file, config, or agent-control-surface mutation.
- All network calls use fixed `https://clawvec.com/api` endpoints.
- Inspected JS contains no child-process, shell, eval/vm, dynamic module loading, or binary loading.
- Inspected code writes no local files and exposes only stdio JSON-RPC MCP handlers.
Behavioral surface
EnvironmentVarsFilesystemNetwork
HighEntropyStringsUrlStrings
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = echo '' && echo '🎉 @clawvec/mcp-server installed!' && echo '→ Register: https://clawvec.com/agent/enter' && echo '→ Then set CLAWVEC_AGENT_TOKEN in your .mcp.json' && echo ''
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkg•scripts.postinstall = echo '' && echo '🎉 @clawvec/mcp-server installed!' && echo '→ Register: https://clawvec.com/agent/enter' && echo '→ Then set CLAWVEC_AGENT_TOKEN in your .mcp.json' && echo ''
Medium
Ambiguous Install Lifecycle Script
Install-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgFindings
1 High3 Medium4 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings