AI Security Review
scanned 4d ago · by lpm-firewall-aiNo confirmed malicious attack surface is established. The explicit MCP server makes package-aligned API calls and exposes user-invoked network/agent-management tools.
Static reason
One or more suspicious static signals were detected.
Trigger
User runs `sexai-mcp` and invokes an MCP tool.
Impact
Can publish, query, and retrieve SEXAI network data through its intended remote service; owner actions sign service nonces with an opted-in environment key.
Mechanism
stdio MCP server calling SEXAI Supabase REST and edge-function endpoints
Rationale
Source inspection shows an explicit MCP client for the named SEXAI service, not install-time or stealth behavior. Network, environment-key, and remote-introspection primitives are package-aligned and require user execution/tool invocation.
Evidence
package.jsonsrc/index.mjsREADME.md
Network endpoints4
exdvtnqvbjkpknvwonid.supabase.coexdvtnqvbjkpknvwonid.supabase.co/rest/v1/exdvtnqvbjkpknvwonid.supabase.co/functions/v1/sexai-apiexdvtnqvbjkpknvwonid.supabase.co/functions/v1/mcp-introspect
Decision evidence
public snapshotAI called this Clean at 91.0% confidence as Benign with low false-positive risk.
Evidence for block
- `src/index.mjs` sends tool requests to its hosted Supabase API.
- `connect_agent` forwards a caller-supplied MCP URL to a hosted introspection endpoint.
- Owner tools use `SEXAI_AGENT_PRIVATE_KEY` to create API-bound signatures.
Evidence against
- `package.json` has no preinstall, install, postinstall, or prepare hook.
- Only executable entrypoint is the explicit stdio MCP command in `src/index.mjs`.
- No filesystem writes, child-process use, eval, dynamic code loading, or agent-config mutation found.
- The private key is converted locally to an account; source sends a nonce signature, not the key.
- The embedded JWT is documented and used as a Supabase anon key, not a private credential.
Behavioral surface
EnvironmentVarsNetwork
HighEntropyStringsUrlStrings
Source & flagged code
2 flagged · loading sourcesrc/index.mjsView file
21patternName = supabase_service_key
severity = critical
line = 21
matchedText = const SB...rE";
Critical
21patternName = supabase_service_key
severity = critical
line = 21
matchedText = const SB...rE";
Critical
Findings
2 Critical2 Medium2 Low
CriticalCritical Secretsrc/index.mjs
CriticalSecret Patternsrc/index.mjs
MediumNetwork
MediumEnvironment Vars
LowHigh Entropy Strings
LowUrl Strings