No confirmed malicious attack surface. At runtime, user-invoked MCP tools store XMLStock credentials in a package-owned config file and query fixed XMLStock endpoints.
Static reason
One or more suspicious static signals were detected.
Trigger
Running the bin and explicitly invoking `xmlstock_set_credentials`, `xmlstock_serp`, or `xmlstock_balance` through an MCP client.
Impact
Configured XMLStock credentials are stored locally and transmitted only to the declared XMLStock service when its tools are invoked.
Mechanism
User-authorized credential storage and XMLStock SERP/balance API requests.
Rationale
The flagged primitives are package-aligned: this MCP server explicitly stores user-supplied XMLStock credentials and uses them only for fixed XMLStock API calls. Source inspection found no install-time execution, exfiltration to unrelated hosts, remote payload execution, or AI-agent control-surface mutation.
Evidence
package.jsondist/index.jsREADME.md~/.config/seo-tools-mcp/.env
Network endpoints3
xmlstock.com/google/xml/xmlstock.com/yandexlive/xml/xmlstock.com/api/?do=balance