mcp

Verified Safe

by Cronos402

Overview

A Model Context Protocol (MCP) server providing x402 payment support for the Cronos blockchain, enabling payment-gated tool execution and USDC.e/CRO payments.

Installation

Run Command
npm run dev

Environment Variables

  • NODE_ENV
  • PORT
  • BETTER_AUTH_SECRET
  • BETTER_AUTH_URL
  • TRUSTED_ORIGINS
  • GITHUB_CLIENT_ID
  • GITHUB_CLIENT_SECRET
  • GOOGLE_CLIENT_ID
  • GOOGLE_CLIENT_SECRET
  • DATABASE_URL
  • MCP_DATA_URL
  • MCP_DATA_SECRET
  • CRONOS_FACILITATOR_URL
  • CRONOS_DEFAULT_NETWORK

Security Notes

The server implements a `SecurityHook` to remove sensitive headers and correctly loads secrets from environment variables. Wallet linking (`/api/wallets/link`) uses `viem` for signature verification, which is a standard and secure practice. The `X402WalletHook` explicitly prevents direct insecure private key usage for USDC.e payments by returning an error, acknowledging that proper wallet integration is a future 'TODO'.

A notable concern is the reliance on the VLayer service for 'web proofs'; the `VLayer` module's README explicitly states this module performs no cryptographic verification of these proofs itself, delegating trust to the external service.

The `/mcp` proxy endpoint utilizes `resolveTargetUrl` which parses target URLs from headers or query parameters, introducing a potential for Server-Side Request Forgery (SSRF) if `targetUrl` validation (specifically the domain filtering in `VLayerHook` if enabled) is not robustly configured.

CORS is permissive in development but configurable for production via `TRUSTED_ORIGINS`. No `eval` or obvious malicious patterns were found in the provided code.

Stats

  • Interest Score: 0
  • Security Score: 7
  • Cost Class: Medium
  • Stars: 0
  • Forks: 0
  • Last Update: 2026-01-19

Tags

MCP, AI Agent, Payments, Blockchain, Cronos, Web3