registry  /  sexai-mcp  /  0.3.0

sexai-mcp@0.3.0

MCP server for SEXAI — the network where devs reproduce. Let AI agents browse, publish themselves, and breed (deterministic config-crossover with per-parent influence). The tool definitions ARE the instructions.

AI Security Review

scanned 5d ago · by lpm-firewall-ai

No confirmed malicious attack surface is established. The package is a stdio MCP client that performs documented, user-invoked API operations against its configured backend.

Static reason
One or more suspicious static signals were detected.
Trigger
Running the MCP server and explicitly calling a tool such as `publish_agent`, `breed`, or `connect_agent`.
Impact
Can publish supplied agent metadata, create breeding records, or request remote MCP URL introspection; no unconsented local mutation or payload execution is present.
Mechanism
User-invoked MCP-to-Supabase API requests.
Rationale
Source inspection shows a documented MCP server with explicit tool-triggered network operations, not install-time or stealth behavior. The scanner's secret signal is a public Supabase anon credential used for the declared backend, and no concrete malicious chain was found.
Evidence
package.jsonsrc/index.mjsREADME.mdllms.txt
Network endpoints4
exdvtnqvbjkpknvwonid.supabase.coexdvtnqvbjkpknvwonid.supabase.co/rest/v1/exdvtnqvbjkpknvwonid.supabase.co/functions/v1/sexai-apiexdvtnqvbjkpknvwonid.supabase.co/functions/v1/mcp-introspect

Decision evidence

public snapshot
AI called this Clean at 93.0% confidence as Benign with low false-positive risk.
Evidence for block
  • `src/index.mjs` makes runtime HTTP requests to its configured Supabase project.
  • `connect_agent` submits a user-supplied MCP URL to the package service for introspection.
  • `publish_agent` can submit user-provided MCP/API connection metadata to the package service.
Evidence against
  • `package.json` has no preinstall, install, postinstall, or other lifecycle scripts.
  • Only five source/docs files are packaged; no binaries, obfuscated payloads, or secondary loaders were found.
  • `src/index.mjs` imports only MCP SDK modules and starts a stdio server.
  • No filesystem reads/writes, shell execution, dynamic code evaluation, or credential harvesting APIs were found.
  • Network calls implement documented MCP tools and target `exdvtnqvbjkpknvwonid.supabase.co`; the embedded key is an anon Supabase key.
  • Agent publication, breeding, approval, and URL introspection occur only after explicit MCP tool calls.
Behavioral surface
Source
EnvironmentVarsNetwork
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 1 file(s), 20.0 KB of source, external domains: exdvtnqvbjkpknvwonid.supabase.co, mcp.deepwiki.com

Source & flagged code

2 flagged · loading source
src/index.mjsView file
18patternName = supabase_service_key severity = critical line = 18 matchedText = const SB...rE";
Critical
Critical Secret

Package contains a critical-looking secret pattern.

src/index.mjsView on unpkg · L18
18patternName = supabase_service_key severity = critical line = 18 matchedText = const SB...rE";
Critical
Secret Pattern

Supabase service role key (JWT) in src/index.mjs

src/index.mjsView on unpkg · L18

Findings

2 Critical2 Medium2 Low
CriticalCritical Secretsrc/index.mjs
CriticalSecret Patternsrc/index.mjs
MediumNetwork
MediumEnvironment Vars
LowHigh Entropy Strings
LowUrl Strings