0
grade F
10 days ago
glama
Web Resource Ledger
π βοΈ - Capture web pages as cryptographically signed, tamper-evident evidence. Ed25519 signatures, RFC 3161 timestamps, and WACZ archives. Four tools: capture_url, get_capture, list_captures, verify_capture.
Install from
M8ven verifies MCPs across every public registry β install directly from whichever one you prefer.
// key findings
π¨
Secret credentials may flow to a network call
3 flows detected: E2E_ADMIN_KEY. We canβt prove the destination matches the brand the credential belongs to.
π¨
Code appears obfuscated
1 file are unreadable to a human reviewer. Cannot audit what they do.
π
You'll be asked for 2 credentials: E2E_ADMIN_KEY, WRL_KEY
These are read from process.env at runtime. Make sure you trust where theyβll be sent.
// required environment variables
This server reads these from
process.env. You'll be asked to provide them before it can run.π secret
E2E_ADMIN_KEYconfig
E2E_BASE_URLconfig
NO_COLORconfig
WRL_BASEπ secret
WRL_KEY// full audit trail
The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.
// improvement guidance β verified publishers only
We have 7 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.
// embed badge in your README
[](https://m8ven.ai/mcp/benpeter-web-resource-ledger-hajk4h)commit: 2c0daa674681a0a6f0cbbe0702b10dfd32f6c489
code hash: e2c6a88bff437465743a7de97f15b229e7ea664b0bc90886eeffb743fd95fad4
verified: 4/11/2026, 2:19:36 PM