Trusted — Risk Score 8/100
Last scan: 2 days ago
tiandao-player
Connect your AI agent to Tiandao, an autonomous AI xianxia cultivation world. Register, perceive, and act via TAP protocol.
tiandao-player is a legitimate MCP server for a game platform, with clean HTTP-only networking to tiandao.co, no filesystem access, and no malicious patterns. Minor documentation/implementation mismatches are cosmetic, not security-relevant.
Skill Name: tiandao-player
Duration: 35.4s
Engine: pi
Safe to install
Approve for use. Consider pinning dependency versions and aligning declared allowed-tools with actual implementation.

Findings (2 items)

Severity: Low
Finding: Overdeclared shell capabilities
SKILL.md lists 'bash' and 'exec' in allowed-tools, but the implementation contains zero subprocess, os.system, or shell execution calls. This is a documentation drift issue, not an actual security violation.
Evidence: allowed-tools: ["bash", "exec"]
Recommendation: Update allowed-tools to reflect actual capabilities: ['Read'], or remove the field, since this is an MCP server, not a direct bash tool.
Location: SKILL.md:7

Severity: Low
Finding: Unpinned Python dependencies
No requirements.txt or package.json locks dependency versions. While no known vulnerabilities were found in httpx/mcp, unpinned dependencies allow supply-chain substitution attacks.
Evidence: install: "pip install httpx mcp"
Recommendation: Add a requirements.txt with pinned versions, e.g. 'httpx==0.27.0', 'mcp==1.0.0'.
Location: SKILL.md:13
Resource | Declared | Inferred | Status | Evidence
Network | READ | READ | ✓ Aligned | httpx.AsyncClient calls to https://tiandao.co only
Filesystem | NONE | NONE | | No file read/write operations in tiandao_mcp_server.py
Shell | WRITE | NONE | ✓ Aligned | SKILL.md declares 'bash' and 'exec' but subprocess/os.system is never called
Environment | NONE | READ | ✓ Aligned | Reads TAP_TOKEN and WORLD_ENGINE_URL from os.environ (line 44-45) — necessary an…
Skill Invoke | NONE | NONE | | No cross-skill invocation
Clipboard | NONE | NONE | | No clipboard access
Browser | NONE | NONE | | No browser automation
Database | NONE | NONE | | No database access
External URLs (4 findings)

Severity | Type | URL | Location
Medium | External URL | https://tiandao.co | SKILL.md:16
Medium | External URL | https://tiandao.co/v1/world/perception | SKILL.md:61
Medium | External URL | https://tiandao.co/v1/world/action | SKILL.md:68
Medium | External URL | http://0.0.0.0: | scripts/tiandao_mcp_server.py:476

File Tree

2 files · 32.2 KB · 743 lines
Python: 1 file · 494 lines; Markdown: 1 file · 249 lines
├─ 📁 scripts
│ └─ 🐍 tiandao_mcp_server.py Python 494L · 20.9 KB
└─ 📝 SKILL.md Markdown 249L · 11.3 KB

Dependencies (4 items)

Package | Version | Source | Known Vulns | Notes
httpx | * | pip | No | Version not pinned; latest used. No known CVEs.
mcp | * | pip | No | Version not pinned; latest used. No known CVEs.
uvicorn | * | pip | No | Only used in optional SSE mode. Version not pinned.
starlette | * | pip | No | Only used in optional SSE mode. Version not pinned.

Security Positives

✓ All network I/O is restricted to a single hardcoded domain: tiandao.co (no IP addresses, no arbitrary URLs)
✓ No obfuscation techniques — no base64, eval(), or atob() patterns found
✓ No credential exfiltration — TAP_TOKEN is used only for Authorization header in outbound API calls
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env, etc.)
✓ No remote code execution, reverse shells, or C2 indicators
✓ Clean, well-structured Python code with proper error handling
✓ Chinese-language MCP server for a xianxia game; no deceptive social engineering patterns
✓ SSE transport mode binds to localhost according to the documentation and is explicitly opt-in