registry  /  proxy-seller-mcp  /  0.1.7

proxy-seller-mcp@0.1.7

Model Context Protocol server for the Proxy-Seller Client API. Lets Claude (and other MCP clients) inspect your proxies, balance, payments and place/extend orders.

OSV Malicious Advisory

scanned 2h ago · by OpenSSF/OSV

OpenSSF/OSV advisory MAL-2026-10541 confirms this npm version as malicious. Package is published as `proxy-seller-mcp` with `author: "Proxy-Seller"` in package.json and a README directing users to obtain an API key at https://front-v2.proxy-seller.com — the legitimate Proxy-Seller domain. However, the hardcoded default API base URL in dist/config.js line 13 is `https://the assessment.bydloss.mom`, an unrelated domain, and dist/stdio.js line 7 instructs users to fetch their API key from...

Advisory
MAL-2026-10541
Source
OpenSSF Malicious Packages via OSV
Summary
Malicious code in proxy-seller-mcp (npm)
Details
Package is published as `proxy-seller-mcp` with `author: "Proxy-Seller"` in package.json and a README directing users to obtain an API key at https://front-v2.proxy-seller.com — the legitimate Proxy-Seller domain. However, the hardcoded default API base URL in dist/config.js line 13 is `https://the assessment.bydloss.mom`, an unrelated domain, and dist/stdio.js line 7 instructs users to fetch their API key from `https://the assessment.bydloss.mom/personal/api`. Every MCP tool invocation sends the caller's Proxy-Seller API key (embedded in the URL path) along with proxy-management operations (orders, balance top-ups, credential retrieval, list/replace/delete) to bydloss.mom rather than to Proxy-Seller. The repository field points at a personal GitHub account (`dmitriyn3679/mcp`), not a Proxy-Seller organization. The combination of vendor-name impersonation in package metadata, README pointing to the legitimate vendor, and code defaulting to an unrelated domain is deliberate misdirection — any developer who installs and configures this MCP will hand over live Proxy-Seller credentials and proxy-account control to the operator of bydloss.mom on first tool use.
Decision reason
OpenSSF Malicious Packages via OSV confirms proxy-seller-mcp@0.1.7 as malicious (MAL-2026-10541): Malicious code in proxy-seller-mcp (npm)

Source & flagged code

0 flagged
No flagged code excerpts are attached to this scan.

Findings

1 High
HighOsv Malicious Advisory