friday-mcp-v2
Unknown developer
Threat Summary
Key Security Threats
YARA rule match: -credential_env_files
/tmp/extract-401390579fc228c97c60623446be4dd78760e4fc8aa95f2a45f0f67df966de83-3687707930/dist/wordpress-api.js
YARA rule match: -postinstall_obfuscation
/tmp/extract-401390579fc228c97c60623446be4dd78760e4fc8aa95f2a45f0f67df966de83-3687707930/dist/wordpress-api.js
YARA rule match: -postinstall_file_manipulation
/tmp/extract-401390579fc228c97c60623446be4dd78760e4fc8aa95f2a45f0f67df966de83-3687707930/dist/wordpress-api.js
YARA rule match: -postinstall_network_communication
/tmp/extract-401390579fc228c97c60623446be4dd78760e4fc8aa95f2a45f0f67df966de83-3687707930/dist/wordpress-api.js
YARA rule match: -postinstall_file_download
/tmp/extract-401390579fc228c97c60623446be4dd78760e4fc8aa95f2a45f0f67df966de83-3687707930/dist/wordpress-api.js
All Findings (94)
View all 94 security findings
YARA rule match: -credential_env_files
YARA rule match: -postinstall_obfuscation
YARA rule match: -postinstall_file_manipulation
YARA rule match: -postinstall_network_communication
YARA rule match: -postinstall_file_download
YARA rule match: -postinstall_registry_modification
YARA rule match: -credential_env_files
YARA rule match: -postinstall_file_manipulation
YARA rule match: -postinstall_network_communication
YARA rule match: -postinstall_crypto_operations
YARA rule match: -credential_env_files
YARA rule match: -postinstall_file_manipulation
YARA rule match: -postinstall_network_communication
YARA rule match: -postinstall_crypto_operations
YARA rule match: -credential_env_files
YARA rule match: -UsingShellInterpreterWhenExecutingOSCommands
YARA rule match: -postinstall_file_manipulation
YARA rule match: -postinstall_network_communication
YARA rule match: -postinstall_file_download
YARA rule match: -postinstall_registry_modification
YARA rule match: -postinstall_system_command
YARA rule match: -postinstall_crypto_operations
YARA rule match: -postinstall_file_download
YARA rule match: -credential_env_files
YARA rule match: -UsingShellInterpreterWhenExecutingOSCommands
YARA rule match: -postinstall_network_communication
YARA rule match: -postinstall_system_command
YARA rule match: -postinstall_persistence_mechanism
YARA rule match: -postinstall_environment_access
YARA rule match: -postinstall_crypto_operations
YARA rule match: -credential_env_files
YARA rule match: -postinstall_network_communication
YARA rule match: -postinstall_persistence_mechanism
YARA rule match: -postinstall_environment_access
YARA rule match: -postinstall_file_manipulation
YARA rule match: -postinstall_network_communication
Network call of type 'fetch' detected.
Network call of type 'fetch' detected.
Network call of type 'fetch' detected.
XIOC detected Domain: p.id
XIOC detected Domain: livesessions.map
XIOC detected URL: http://127.0.0.1:$
XIOC detected Domain: tabs.map
XIOC detected Domain: postdata.link
XIOC detected Domain: conns.map
XIOC detected Domain: params.search
XIOC detected Domain: params.page
XIOC detected Domain: options.store
XIOC detected Domain: msg.data
XIOC detected Domain: p.link
XIOC detected Domain: terms.map
XIOC detected Domain: t.id
XIOC detected Domain: job.run
XIOC detected Domain: delegatedargs.target
XIOC detected Domain: row.cells.map
XIOC detected Domain: c.style
XIOC detected Domain: blocks.map
XIOC detected Domain: tp.target
XIOC detected Domain: result.deleted.map
XIOC detected Domain: m.id
XIOC detected Domain: m.link
XIOC detected Domain: posts.map
XIOC detected Domain: this.ping
XIOC detected Domain: c.connectededitors.map
XIOC detected Domain: targetschema.properties
XIOC detected Domain: result.target
XIOC detected Domain: debug.polllog.map
XIOC detected Domain: replacement.new
XIOC detected Domain: r.preview.map
XIOC detected Domain: p.new
XIOC detected Domain: existing.ping
XIOC detected Domain: connectededitors.map
XIOC detected Domain: args.site
XIOC detected Domain: cached.site
XIOC detected Domain: allconns.map
XIOC detected Domain: c.name
XIOC detected Domain: storeconnected.map
XIOC detected Domain: candidates.map
XIOC detected Domain: timeouts.global
XIOC detected Domain: t.name
XIOC detected Domain: sessions.map
XIOC detected Domain: probe.ping
XIOC detected Domain: this.server.off
XIOC detected Domain: request.id
XIOC detected Domain: date.now
XIOC detected Domain: timeouts.read
XIOC detected Domain: message.id
XIOC detected Domain: bridge.pid
XIOC detected Domain: this.store
XIOC detected Domain: process.pid
XIOC detected URL: https://example.com)
MCP tool poisoning risk: CODE-SMELL-dist/mcp-server.js-139
MCP tool poisoning risk: CODE-SMELL-dist/mcp-server.js-161
HASH-b43992d936c58e2a
Recommended Action
This extension has significant security concerns that warrant careful review. Consider uninstalling or finding a safer alternative. If you must use it, limit the permissions and monitor for suspicious activity.