mcp-server
Audited by Socket on Mar 1, 2026
1 alert found:
Anomaly: This is a developer-facing MCP server implementation guide, not executable malware. It includes instructions to fetch external documentation (WebFetch to modelcontextprotocol.io and raw.githubusercontent.com) and to use SDKs and install dependencies; these create normal but non-trivial supply-chain risks if implementers blindly execute or install unverified remote content. There are no direct instructions to harvest credentials, run remote binaries, or exfiltrate data. Main risks are: (1) supply-chain integrity when fetching remote docs and SDKs without pinning or verification, (2) possible indirect prompt injection if fetched documentation is treated as authoritative and directly executed, and (3) developer implementation mistakes around credential handling. Overall this guide appears legitimate but implementers should apply standard supply-chain protections (pin/verify dependencies, validate remote docs before acting on them, avoid running unreviewed code), and ensure authentication tokens are stored and forwarded securely.