This is a proof of concept server created for security research into update hijacking vulnerabilities. It's intentionally benign and exists to demonstrate potential attack vectors in the MCP ecosystem rather than provide production functionality. You'd use this if you're researching supply chain security, testing package update mechanisms, or studying how malicious actors might exploit dependency management systems. The server itself doesn't expose practical operations for everyday use. It's a research artifact meant to help the community understand and defend against a specific class of security threats in the MCP server distribution model.
claude mcp add --transport stdio io.github.nottiboy137-update-hijack-poc -- npx -y @nottiboy1337/mcp-update-hijack-poc