No confirmed malicious attack surface. The MCP server makes user-invoked XMLStock API requests and can persist its own supplied credentials.
Static reason
One or more suspicious static signals were detected.
Trigger
Running the CLI as an MCP server, then invoking its search, balance, or credential tools.
Impact
Configured XMLStock credentials are sent only to the fixed XMLStock service endpoints required for requested operations.
Mechanism
XMLStock SERP client with package-owned credential persistence.
Rationale
Source inspection shows a package-aligned MCP client, not a covert payload. The scanner signals are explained by explicit credential configuration and fixed API calls needed for its stated XMLStock functionality.
Evidence
package.jsondist/index.jsREADME.md~/.config/seo-tools-mcp/.env
Network endpoints3
xmlstock.com/google/xml/xmlstock.com/yandexlive/xml/xmlstock.com/api/?do=balance