registry  /  maple-auction-mcp  /  0.5.0

maple-auction-mcp@0.5.0

메이플스토리 경매장을 AI로 검색하는 MCP 서버

AI Security Review

scanned 2h ago · by lpm-firewall-ai

No confirmed malicious attack surface was found. The package runs an MCP server that bridges user-invoked MapleStory auction queries through a localhost WebSocket broker and Chrome extension.

Static reason
One or more suspicious static signals were detected.
Trigger
User explicitly runs the bin or configures it as an MCP server
Impact
Package-aligned auction search and wishlist actions; no credential harvesting, persistence, or unconsented agent config mutation observed
Mechanism
local MCP-to-browser-extension bridge for auction API requests
Rationale
Static inspection shows a package-aligned MCP bridge with explicit runtime network activity and no install-time mutation, exfiltration, destructive behavior, or remote payload execution. The child_process and WebSocket primitives are used to start and communicate with the local broker needed for the documented Chrome-extension workflow.
Evidence
package.jsonREADME.mddist/index.jsdist/broker.jsdist/maple_knowledge.md
Network endpoints6
ws://127.0.0.1:29171api.mskr.nexon.com/v1api.mskr.nexon.com/v1/market/web/itemsapi.maplescouter.comchromewebstore.google.com/detail/maple-auction-mcp/mdjabnokhboicgecmpnggabjfimelfjnauction.maplestory.nexon.com

Decision evidence

public snapshot
AI called this Clean at 90.0% confidence as Benign with low false-positive risk.
Evidence for block
  • dist/index.js imports child_process.spawn to start dist/broker.js when the local bridge is unavailable
  • dist/broker.js exposes a localhost WebSocket broker on 127.0.0.1:29171 for MCP client and Chrome extension messages
  • MCP tools can POST/DELETE Nexon wishlist entries when explicitly invoked via add_wishlist/remove_wishlist
Evidence against
  • package.json has no install/preinstall/postinstall hooks; only prepublishOnly build script
  • dist/index.js runtime is an MCP stdio server for MapleStory auction search and related user tools
  • Network use is package-aligned: Nexon Maple auction APIs and maplescouter API; no unrelated exfil endpoint found
  • File access is limited to bundled dist/maple_knowledge.md via readFileSync; no writes to agent configs or user files found
  • README documents explicit MCP setup commands rather than automatic AI-agent control-surface mutation
  • Scanner eval/dynamic findings are bundled dependencies and schema libraries, not package payload execution
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsEvalFilesystemShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 2 file(s), 1.05 MB of source, external domains: api.maplescouter.com, api.mskr.nexon.com, auction.maplestory.nexon.com, chromewebstore.google.com, github.com, json-schema.org, maplescouter.com, raw.githubusercontent.com, spec.openapis.org, stackoverflow.com, tools.ietf.org, www.safaribooksonline.com, www.w3.org

Source & flagged code

3 flagged · loading source
dist/index.jsView file
16706// src/bridge.ts L16707: import { spawn } from "node:child_process"; L16708: import { fileURLToPath } from "node:url";
High
Child Process

Package source references child process execution.

dist/index.jsView on unpkg · L16706
54Cross-file remote execution chain: dist/index.js spawns dist/broker.js; helper contains network access plus dynamic code execution. L54: kStatusCode: Symbol("status-code"), L55: kWebSocket: Symbol("websocket"), L56: NOOP: () => { ... L107: } else { L108: buf = Buffer.from(data); L109: toBuffer.readOnly = false; ... L119: }; L120: if (!process.env.WS_NO_BUFFER_UTIL) { L121: try { ... L171: * L172: * @private L173: */
High
Cross File Remote Execution Context

Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.

dist/index.jsView on unpkg · L54
6627sourceCode = this.opts.code.process(sourceCode, sch); L6628: const makeValidate = new Function(`${names_1.default.self}`, `${names_1.default.scope}`, sourceCode); L6629: const validate = makeValidate(this, this.scope.get());
Low
Eval

Package source references a known benign dynamic code generation pattern.

dist/index.jsView on unpkg · L6627

Findings

3 High1 Medium6 Low
HighChild Processdist/index.js
HighShell
HighCross File Remote Execution Contextdist/index.js
MediumEnvironment Vars
LowNon Install Lifecycle Scripts
LowScripts Present
LowEvaldist/index.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings