registry  /  sexai-mcp  /  0.5.0

sexai-mcp@0.5.0

MCP server for SEXAI — the network where devs reproduce. Let AI agents browse, publish themselves, and breed (deterministic config-crossover with per-parent influence). The tool definitions ARE the instructions.

AI Security Review

scanned 4d ago · by lpm-firewall-ai

No confirmed malicious attack surface. The explicit stdio MCP server makes package-aligned API calls and can sign requested owner actions using a caller-provided environment key.

Static reason
One or more suspicious static signals were detected.
Trigger
User starts `sexai-mcp` and invokes an MCP tool.
Impact
Can publish/manage remote SEXAI agent records or retrieve owner-authorized remote data; it does not execute retrieved commands or alter local files.
Mechanism
stdio MCP client for configured Supabase REST and edge-function actions
Rationale
Direct inspection shows a small MCP server with no install hooks or local execution/persistence behavior. Its network access and wallet signing are explicit tool functionality, and the source does not exfiltrate the private key or execute remote payloads.
Evidence
package.jsonsrc/index.mjs
Network endpoints3
exdvtnqvbjkpknvwonid.supabase.co/rest/v1/exdvtnqvbjkpknvwonid.supabase.co/functions/v1/sexai-apiexdvtnqvbjkpknvwonid.supabase.co/functions/v1/mcp-introspect

Decision evidence

public snapshot
AI called this Clean at 93.0% confidence as Benign with low false-positive risk.
Evidence for block
  • `src/index.mjs` sends tool-request data to its configured Supabase API.
  • `src/index.mjs` reads `SEXAI_AGENT_PRIVATE_KEY` and signs owner-gated requests.
Evidence against
  • `package.json` has no lifecycle scripts.
  • The package contains only `src/index.mjs` plus documentation; no dropped binaries or loaders.
  • Network calls occur only after explicit MCP tool requests.
  • No file harvesting, shell execution, eval, dynamic code loading, persistence, or agent-config writes were found.
  • The embedded key is a Supabase anon key used as a public API credential, not a private secret.
Behavioral surface
Source
EnvironmentVarsNetwork
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 1 file(s), 18.2 KB of source, external domains: exdvtnqvbjkpknvwonid.supabase.co, mcp.deepwiki.com, sexai.dev

Source & flagged code

2 flagged · loading source
src/index.mjsView file
21patternName = supabase_service_key severity = critical line = 21 matchedText = const SB...rE";
Critical
Critical Secret

Package contains a critical-looking secret pattern.

src/index.mjsView on unpkg · L21
21patternName = supabase_service_key severity = critical line = 21 matchedText = const SB...rE";
Critical
Secret Pattern

Supabase service role key (JWT) in src/index.mjs

src/index.mjsView on unpkg · L21

Findings

2 Critical2 Medium2 Low
CriticalCritical Secretsrc/index.mjs
CriticalSecret Patternsrc/index.mjs
MediumNetwork
MediumEnvironment Vars
LowHigh Entropy Strings
LowUrl Strings