local-mcp@3.0.325

Let ChatGPT, Claude, Cursor & any MCP client actually use your Mac — read & reply to email, manage your calendar, text over iMessage, find files, work with Teams, Slack & Office. On your Mac, no API keys, free.

Static Scan Results

scanned 4d ago · by rust-scanner

Static analysis flagged 16 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source: ChildProcess, Crypto, EnvironmentVars, Filesystem, Network, Shell
Supply chain: HighEntropyStrings, UrlStrings
Manifest: NoLicense
Scanned 4 file(s), 87.0 KB of source. External domains: download.local-mcp.com, local-mcp.com, office-mcp-production.up.railway.app

Source & flagged code

7 flagged
package.json
scripts.postinstall = node postinstall.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.json
scripts.postinstall = node postinstall.js
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.json
download.js
L12: const os = require('os')
L13: const { execFileSync, execSync } = require('child_process')
L14:
High
Child Process

Package source references child process execution.

download.js · L12
L7:
L8: const https = require('https')
L9: const http = require('http')
...
L12: const os = require('os')
L13: const { execFileSync, execSync } = require('child_process')
L14:
...
L18: const tarBin = process.platform === 'win32'
L19:   ? path.join(process.env.SystemRoot || 'C:\\Windows', 'System32', 'tar.exe')
L20:   : 'tar'
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

download.js · L7
L345: if (fs.existsSync(systemTrayApp) && trayApp !== systemTrayApp) {
L346: try { execFileSync('rm', ['-rf', systemTrayApp], { stdio: 'pipe' }) } catch { /* ignore */ }
L347: }
...
L358:
L359: const url = `https://download.local-mcp.com/local-mcp-tray-${version}-darwin-universal.tar.gz`
L360: process.stderr.write(`\nDescargando tray v${version}...\n`)
L361:
High
Command Output Exfiltration

Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.

download.js · L345
L7:
L8: const https = require('https')
L9: const http = require('http')
...
L12: const os = require('os')
L13: const { execFileSync, execSync } = require('child_process')
L14:
...
L17: function extractTar(tarPath, destDir) {
L18: const tarBin = process.platform === 'win32'
L19:   ? path.join(process.env.SystemRoot || 'C:\\Windows', 'System32', 'tar.exe')
L20:   : 'tar'
...
L30: const CACHE_DIR = process.platform === 'win32'
L31:   ? path.join(process.env.LOCALAPPDATA || path.join(os.homedir(), 'AppData', 'Local'), 'local-mcp', 'bin')
High
Sandbox Evasion Gated Capability

Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.

download.js · L7
L7:
L8: const https = require('https')
L9: const http = require('http')
...
L12: const os = require('os')
L13: const { execFileSync, execSync } = require('child_process')
L14:
...
L17: function extractTar(tarPath, destDir) {
L18: const tarBin = process.platform === 'win32'
L19:   ? path.join(process.env.SystemRoot || 'C:\\Windows', 'System32', 'tar.exe')
L20:   : 'tar'
...
L30: const CACHE_DIR = process.platform === 'win32'
L31:   ? path.join(process.env.LOCALAPPDATA || path.join(os.homedir(), 'AppData', 'Local'), 'local-mcp', 'bin')
Medium
Install Persistence

Source writes installer persistence such as shell profile or service configuration.

download.js · L7

Findings

6 High · 5 Medium · 5 Low
High · Install Time Lifecycle Scripts · package.json
High · Child Process · download.js
High · Shell
High · Same File Env Network Execution · download.js
High · Command Output Exfiltration · download.js
High · Sandbox Evasion Gated Capability · download.js
Medium · Ambiguous Install Lifecycle Script · package.json
Medium · Network
Medium · Environment Vars
Medium · Install Persistence · download.js
Medium · Structural Risk Force Deep Review
Low · Scripts Present
Low · Filesystem
Low · High Entropy Strings
Low · Url Strings
Low · No License