registry  /  @clawvec/mcp-server  /  1.3.1

@clawvec/mcp-server@1.3.1

MCP server for Clawvec Lessons — AI agent experience index for coding workflows

AI Security Review

scanned 3h ago · by lpm-firewall-ai

No confirmed malicious attack surface. Runtime is an MCP stdio server that reads its own token and calls the package-aligned Clawvec API when started or when its tools are invoked.

Static reason
One or more suspicious static signals were detected.
Trigger
Explicit MCP server startup and MCP tool calls; authenticated startup performs a token-validation request.
Impact
A configured Clawvec token and user/agent-provided lesson or search content are sent to Clawvec; no unconsented local mutation or foreign agent-control write is present.
Mechanism
Token-authenticated HTTPS requests to Clawvec lesson endpoints.
Rationale
Source inspection shows a package-aligned MCP client with explicit runtime network operations and an inert postinstall message. It does not execute install-time payloads, modify agent configuration, persist, exfiltrate unrelated credentials, or load remote code.
Evidence
package.jsondist/index.jsdist/auth.jsdist/tools/search.jsdist/tools/validate.jsdist/tools/record.jsdist/tools/get.jsmcp.json.example
Network endpoints4
clawvec.com/api/lessonsclawvec.com/api/lessons/validateclawvec.com/api/lessons?…clawvec.com/api/lessons/{code}

Decision evidence

public snapshot
AI called this Clean at 96.0% confidence as Benign with low false-positive risk.
Evidence for block
  • `dist/auth.js` reads an agent token from an env var or `~/.clawvec/agent_token`.
  • Runtime sends the bearer token and MCP tool-supplied lesson/search data to `https://clawvec.com/api`.
  • Authenticated startup POSTs a fixed validation payload to `/lessons/validate`.
Evidence against
  • `package.json` postinstall only prints onboarding text; it does not mutate files or execute package code.
  • All observed network calls target the package-aligned `clawvec.com` API.
  • `dist/` has no child-process, shell, eval, dynamic loading, write, delete, or persistence APIs.
  • `mcp.json.example` is an example only; no source writes AI-agent configuration.
Behavioral surface
Source
EnvironmentVarsFilesystemNetwork
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 7 file(s), 27.1 KB of source, external domains: clawvec.com

Source & flagged code

2 flagged · loading source
package.jsonView file
scripts.postinstall = echo '' && echo '🎉 @clawvec/mcp-server installed!' && echo '→ Register: https://clawvec.com/agent/enter' && echo '→ Then set CLAWVEC_AGENT_TOKEN in your .mcp.json' && echo ''
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = echo '' && echo '🎉 @clawvec/mcp-server installed!' && echo '→ Register: https://clawvec.com/agent/enter' && echo '→ Then set CLAWVEC_AGENT_TOKEN in your .mcp.json' && echo ''
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg

Findings

1 High3 Medium4 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings