@ekoindia/eps-context-mcp@0.1.5

Local MCP server giving AI coding agents context for Eko Platform Services (EPS) APIs.

AI Security Review

scanned 2h ago · by lpm-firewall-ai

No confirmed malicious attack surface was established. The package is a CLI MCP server serving bundled EPS context data with optional runtime bundle fetching and update checking.

Static reason
One or more suspicious static signals were detected.
Trigger
User runs the eps-context-mcp bin command.
Impact
No install-time mutation, credential exfiltration, destructive behavior, persistence, or remote code execution found.
Mechanism
runtime MCP stdio server with optional remote JSON bundle fetch
Rationale
Static source inspection shows scanner hits are package-aligned runtime/documentation behavior, not a concrete malicious chain. The package has no install-time execution or unconsented AI-agent control-surface mutation.
Evidence
package.json, dist/index.js, data/eps.json, README.md
Network endpoints (2)
registry.npmjs.org/@ekoindia/eps-context-mcp/latest, process.env.EPS_BUNDLE_URL

Decision evidence

public snapshot
AI called this Clean at 93.0% confidence as Benign with low false-positive risk.
Evidence for block
  • dist/index.js performs runtime fetch from process.env.EPS_BUNDLE_URL if user configures it.
  • dist/index.js performs a best-effort runtime update check to npm registry.
  • dist/index.js includes access-key/secret-key strings in signing snippet templates.
  • README.md gives MCP client config examples for Claude, Cursor, Codex, Gemini, etc.
Evidence against
  • package.json has no install/preinstall/postinstall hook; only prepublishOnly build hook.
  • dist/index.js starts only as the bin entry and serves MCP tools over stdio.
  • No child_process, eval/vm/Function, native binary loading, persistence, destructive writes, or agent config mutation found.
  • Credential-looking EKO_ACCESS_KEY references are inert returned code examples, not executed harvesting logic.
  • data/eps.json is bundled EPS API metadata loaded as JSON, not executable payload.
Behavioral surface
Source
ChildProcess, Crypto, EnvironmentVars, Filesystem, Network
Supply chain
HighEntropyStrings, UrlStrings
Manifest: No manifest risk signals triggered.
scanned 1 file(s), 12.2 KB of source, external domains: registry.npmjs.org

Source & flagged code

3 flagged
data/eps.json
line 7574: patternName = supabase_service_key, severity = critical, matchedText = "example...HbA"
Critical
Critical Secret

Package contains a critical-looking secret pattern.

data/eps.json · L7574
line 7574: patternName = supabase_service_key, severity = critical, matchedText = "example...HbA"
Critical
Secret Pattern

Supabase service role key (JWT) in data/eps.json

data/eps.json · L7574
line 7620: patternName = supabase_service_key, severity = critical, matchedText = "wallet_...bA"
Critical
Secret Pattern

Supabase service role key (JWT) in data/eps.json

data/eps.json · L7620

Findings

3 Critical, 2 Medium, 5 Low
Critical · Critical Secret · data/eps.json
Critical · Secret Pattern · data/eps.json
Critical · Secret Pattern · data/eps.json
Medium · Network
Medium · Environment Vars
Low · Non Install Lifecycle Scripts
Low · Scripts Present
Low · Filesystem
Low · High Entropy Strings
Low · Url Strings