Loading npm security reports…
MCP server that exposes SystemDox checks, specs, docs, and tech stack to AI coding tools
Review flagged AI-agent configuration or capability changes. This remains warn-only unless evidence shows foreign-agent hijack through preinstall/install/postinstall, hidden persistence, exfiltration, remote code execution, or other concrete malicious behavior.
Source appears to send environment or credential material to an external endpoint.
dist/http.jsView on unpkg · L58A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/http.jsView on unpkg · L58Source appears to send environment or credential material to an external endpoint.
dist/http.jsView on unpkg · L58A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/http.jsView on unpkg · L58