Loading npm security reports…
Cesium MCP Runtime Server — AI Agent 通过 MCP 协议操控浏览器 Cesium
A user-invoked runtime HTTP server contains an unauthenticated arbitrary-fetch proxy. This creates SSRF exposure if a remote party can reach the listener.
`dist/chunk-IGUWZWQF.js` exposes `GET /proxy?url=` and passes the supplied URL directly to `fetch`.
dist/chunk-IGUWZWQF.jsView on unpkg`dist/chunk-IGUWZWQF.js` starts HTTP/WebSocket servers with `listen(port)` and wildcard CORS, without authentication.
dist/chunk-IGUWZWQF.jsView on unpkg`dist/chunk-IGUWZWQF.js` exposes `GET /proxy?url=` and passes the supplied URL directly to `fetch`.
dist/chunk-IGUWZWQF.jsView on unpkg`dist/chunk-IGUWZWQF.js` starts HTTP/WebSocket servers with `listen(port)` and wildcard CORS, without authentication.
dist/chunk-IGUWZWQF.jsView on unpkg