agentveil-mcp-proxy

v0.7.21 suspicious
6.0
Medium Risk

Source-available MCP transport proxy for AgentVeil Runtime Gate, approval routing, and local evidence

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits elevated risks in shell and credential handling areas, suggesting potential vulnerabilities. However, there is no clear indication of malicious intent, leading to a cautious 'suspicious' rating.

  • High shell risk due to subprocess execution
  • Elevated credential risk indicating potential for harvesting

Per-check LLM notes
  • Network: The network calls include HTTP and raw socket connections which could be legitimate but also might indicate external control or data exfiltration.
  • Shell: Subprocess execution can be used for legitimate purposes but also raises concerns about potential command execution vulnerabilities that could lead to system compromise.
  • Obfuscation: No obfuscation patterns detected.
  • Credentials: High risk of credential harvesting observed in the code snippet.
  • Metadata: The author's details are sparse and the account seems new or inactive, raising some suspicion but not conclusive evidence of malice.

📦 Package Quality Overall: Medium (6.2/10)

✦ High Test Suite 9.0

Test suite present: 17 test file(s) found

  • Test runner config found: pyproject.toml
  • 17 test file(s) detected (e.g. test_bundle_verifier_v3.py)

◈ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "Documentation" -> https://github.com/agentveil-protocol/agentveil-sdk/tree/mai
  • Detailed PyPI description (12216 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta

◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 588 type-annotated function signatures detected in source

◈ Medium Multiple Contributors 6.0

Limited contributor diversity

  • 2 unique contributor(s) across 100 commits in agentveil-protocol/agentveil-sdk
  • Two distinct contributors found

🔬 Heuristic Checks

⚠ Outbound Network Calls score 9.0

Found 6 network call pattern(s)

  • oat = 2.0) -> bytes: with socket.create_connection((host, port), timeout=timeout) as sock: sock.settime
  • start() try: with socket.create_connection((server.host, server.port), timeout=2.0) as sock:
  • pending_prompts()[0] with httpx.Client() as client: csrf = _get_csrf(client, server.approva
  • expired()) response = httpx.get(url) assert response.status_code == 200 asse
  • t_not_expired()) with httpx.Client() as client: _csrf, cookie = _get_csrf_and_cooki
  • t_not_expired()) with httpx.Client() as client: csrf, cookie = _get_csrf_and_cookie

✓ Code Obfuscation

No obfuscation patterns detected

⚠ Shell / Subprocess Execution score 8.0

Found 4 shell execution pattern(s)

  • ec self.process = subprocess.Popen( [self.downstream.command, *self.downstream.
  • log(rendered) result = subprocess.run( command, cwd=str(cwd) if cwd is not None el
  • t: Path) -> str: result = subprocess.run( ["git", "-C", str(git_root), "rev-parse", "HEAD"],
  • None: self.process = subprocess.Popen( command, stdin=subprocess.PIPE,

⚠ Credential Harvesting score 10.0

Found 6 credential access pattern(s)

  • result = { "secret": os.environ.get("AWS_SECRET_ACCESS_KEY"), "explicit": os.environ.get("EXP
  • "uri:x"), ({"path": "/etc/passwd", "branch": "main"}, "path:/etc/passwd"), ({"branch
  • wd", "branch": "main"}, "path:/etc/passwd"), ({"branch": "main", "issue_number": 42}, "branch
  • din.isatty(): first = getpass.getpass("MCP proxy identity passphrase: ") if not first:
  • t be empty") second = getpass.getpass("Confirm MCP proxy identity passphrase: ") if first
  • din.isatty(): value = getpass.getpass("MCP proxy identity passphrase: ") if not value:

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

Email domain looks legitimate: agentveil.dev

✓ Suspicious Page Links

All external links appear legitimate

✓ Git Repository History

Repository agentveil-protocol/agentveil-sdk appears legitimate

⚠ Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agentveil-mcp-proxy
Create a mini-application named 'EvidenceCollector' that leverages the 'agentveil-mcp-proxy' package to facilitate secure and efficient communication between a runtime environment and a central evidence collection system. This application will serve as a bridge, ensuring that all communications are routed through the AgentVeil Runtime Gate, with the ability to approve or deny requests based on predefined rules. Here’s a step-by-step guide on how to build it:

1. **Setup Environment**: Begin by setting up your Python development environment. Ensure you have Python 3.x installed along with pip. Install the 'agentveil-mcp-proxy' package using pip.
2. **Design the Application Structure**: Define the structure of your application, including modules for handling connections, routing approvals, and evidence storage.
3. **Implement Connection Handling**: Use 'agentveil-mcp-proxy' to establish a secure connection between your runtime environment and the central evidence collection system. Implement error handling to manage potential disruptions in communication.
4. **Approval Routing**: Integrate logic within your application to route requests through the AgentVeil Runtime Gate. Implement a simple approval system where certain types of data or actions require explicit approval before being processed.
5. **Local Evidence Storage**: Design a feature that allows the application to store locally any evidence that needs further analysis or verification before being sent to the central system.
6. **Security Measures**: Incorporate security measures such as encryption for data at rest and in transit, and ensure compliance with privacy regulations relevant to the data being collected.
7. **User Interface (Optional)**: If time permits, develop a basic user interface allowing users to view collected evidence, approve/disapprove actions, and monitor the status of ongoing operations.
8. **Testing and Validation**: Conduct thorough testing to ensure all functionalities work as expected under various conditions. Validate the security and efficiency of your application.
9. **Documentation**: Write comprehensive documentation detailing how to set up and use the 'EvidenceCollector', including configuration options and best practices for deployment.

Suggested Features:
- Dynamic approval thresholds based on the type of evidence or action.
- Real-time monitoring and alerting for critical events or anomalies.
- Integration with external systems for automated data processing.
- Flexible configuration settings to adapt to different environments or requirements.