registry  /  @minicor/mcp-server  /  3.4.0

@minicor/mcp-server@3.4.0

Desktop and browser RPA automation, workflow management, and AI-powered debugging for the Minicor platform. Formerly Laminar.

AI Security Review

scanned 3h ago · by lpm-firewall-ai

LPM treats this as warn-only first-party agent extension lifecycle risk. User-invoked setup and bootstrap can add this first-party MCP server to Cursor/Claude workspace configuration and store Minicor auth tokens locally. This is agent extension lifecycle risk, but not malicious because it is explicit setup for the advertised MCP/RPA product and not an install-time hijack.

Static reason
No blocking static signals were detected.
Trigger
Running minicor-mcp-setup, minicor-bootstrap, or starting the MCP server after authentication
Impact
Adds Minicor MCP tools to local agent/editor configs and enables authenticated platform operations requested through the MCP server
Mechanism
first-party MCP setup and platform API client
Rationale
The package has explicit user-command agent/MCP configuration setup and broad MCP capabilities, so it merits a warning under the lifecycle-risk policy. I found no unconsented install-time control-surface mutation, secret exfiltration, remote code loading, or other concrete malicious chain.
Evidence
package.jsondist/setup.jsdist/bootstrap.jsdist/index.jsdist/lib.jsdist/paths.jsdist/laminar-client.jsdist/tools/session.jsdist/seed-skills.js~/.minicor/tokens.json~/.cursor/mcp.jsonCLAUDE.md.claude/settings.local.json.cursor/rules/workspace.mdc.minicor/session.json.minicor/context.md
Network endpoints4
api.laminar.runca.api.laminar.runlam-vm-service-ernfuwetfa-uc.a.run.apptfa-otp.minicor.com

Decision evidence

public snapshot
AI called this Suspicious at 86.0% confidence as Dangerous Capability with medium false-positive risk.
Evidence for warning
  • dist/setup.js explicit setup writes ~/.cursor/mcp.json and ~/.minicor/tokens.json after login
  • dist/bootstrap.js user-invoked bootstrap writes CLAUDE.md, .claude/settings.local.json, .cursor/rules/workspace.mdc
  • dist/index.js registers MCP tools that can manage workflows, VMs, agents, skills, and sessions
  • dist/setup.js uses child_process.exec only to open local setup URL in browser
Evidence against
  • package.json has no preinstall/install/postinstall; only prepare runs tsc build
  • dist/lib.js library entry has no import-time side effects beyond exports
  • Network calls are to package-aligned Minicor/Laminar APIs for auth, workspaces, VM, skills, middleware, and 2FA
  • Stored tokens are written locally with mode 0600 and used as bearer auth to configured platform endpoints
  • No credential harvesting, hidden exfiltration endpoint, remote payload loader, destructive install action, or stealth persistence found
Behavioral surface
Source
ChildProcessEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 42 file(s), 421 KB of source, external domains: 127.0.0.1, api.laminar.run, ca.api.laminar.run, docs.laminar.run, fonts.googleapis.com, fonts.gstatic.com, lam-vm-service-ernfuwetfa-uc.a.run.app, middleware-service-489511347341.northamerica-northeast1.run.app, middleware-service-ca-ernfuwetfa-nn.a.run.app, tfa-otp.minicor.com, www.minicor.com, www.w3.org, xxxx-yyyy.trycloudflare.com

Source & flagged code

4 flagged · loading source
dist/setup.jsView file
Published source reference
Medium
Ai Review Evidence

dist/setup.js explicit setup writes ~/.cursor/mcp.json and ~/.minicor/tokens.json after login

dist/setup.jsView on unpkg
Published source reference
Medium
Ai Review Evidence

dist/setup.js uses child_process.exec only to open local setup URL in browser

dist/setup.jsView on unpkg
dist/bootstrap.jsView file
Published source reference
Medium
Ai Review Evidence

dist/bootstrap.js user-invoked bootstrap writes CLAUDE.md, .claude/settings.local.json, .cursor/rules/workspace.mdc

dist/bootstrap.jsView on unpkg
dist/index.jsView file
Published source reference
Medium
Ai Review Evidence

dist/index.js registers MCP tools that can manage workflows, VMs, agents, skills, and sessions

dist/index.jsView on unpkg

Findings

6 Medium5 Low
MediumNetwork
MediumEnvironment Vars
MediumAi Review Evidencedist/setup.js
MediumAi Review Evidencedist/bootstrap.js
MediumAi Review Evidencedist/index.js
MediumAi Review Evidencedist/setup.js
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings