trustysign

CRITICAL: The `README.md` explicitly instructs to use `sshpass -p 'Fr3qu3nc1.' ssh root@161.35.214.46` for deployment. Using `sshpass` with a hardcoded password, especially for `root` access, is an extreme security risk and should NEVER be done in a production environment. This indicates severe operational security vulnerabilities. Potential Server-Side Request Forgery (SSRF) exists due to downloading PDFs from arbitrary `pdf_url` without explicit validation to prevent access to internal network resources. The `save_signed_document` function uses `unquote(attach_name)` for filenames. While it handles URL encoding, using `os.path.basename` would provide stronger protection against directory traversal attacks for saved files. PDF parsing libraries (`pyhanko`, `PyPDF2`, `pdfplumber`) are inherently complex and could be attack vectors, although standard libraries are used. Authentication relies on a single API key stored in an environment variable (`MCP_API_KEY`). While simple, this offers less robust key management (e.g., dynamic rotation, revocation for individual agents) compared to a database-backed system. If this key is compromised, all access is lost.