Dangerous action found
create_watch — registers a premium webhook watch and spends a paid credit.
// mcp-server/src/index.ts · registerTool(create_watch) handler (~line 1793)
const data = await fetchJSON("/premium/watches", { method: "POST", body, auth: true });

Currently: runs unguarded. create_watch registers a webhook callback and spends a credit with no human authorization over the callback_url and type it was called with.
Proposed fix — Receipt Required
Wrap the top of the create_watch async handler with @emilia-protocol/require-receipt so that the handler refuses to register the webhook or spend the credit unless a receipt covering both type and callback_url is presented; the check runs before the fetchJSON call, so a refused call has no side effect.
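As an added illustration of what such a guard has to verify (this is not the page's code and not the @emilia-protocol/require-receipt API, whose interface is not shown here), the TypeScript below gates a stand-in for the create_watch handler on a receipt that is signed by the approver, unexpired, and bound to the exact type and callback_url values being passed, and it refuses before any side effect. The receipt shape, the HMAC construction, the helper names, the shared secret and the sample values are all assumptions.

```typescript
// Added illustration, not the project's code and not the
// @emilia-protocol/require-receipt API: receipt shape, HMAC construction,
// helper names and sample values are all assumptions.
import { createHmac, timingSafeEqual } from "node:crypto";

// Hypothetical human-authorization receipt, bound to exact field values.
interface Receipt {
  id: string;
  fields: Record<string, string>; // the values the human actually approved
  expiresAt: number;              // epoch milliseconds
  mac: string;                    // HMAC-SHA256 over id|expiresAt|canonical(fields)
}

type Args = Record<string, unknown>;

// Canonical, order-independent serialization so the MAC is unambiguous.
function canonical(fields: Record<string, string>): string {
  return Object.keys(fields)
    .sort()
    .map((k) => `${JSON.stringify(k)}=${JSON.stringify(fields[k])}`)
    .join("&");
}

function receiptMac(r: Omit<Receipt, "mac">, secret: string): string {
  return createHmac("sha256", secret)
    .update(`${r.id}|${r.expiresAt}|${canonical(r.fields)}`)
    .digest("hex");
}

// Issued by the approval side after a human has seen the exact values.
function signReceipt(r: Omit<Receipt, "mac">, secret: string): Receipt {
  return { ...r, mac: receiptMac(r, secret) };
}

// Returns null when the receipt authorizes this call, else the refusal reason.
function receiptProblem(
  receipt: Receipt | undefined,
  required: string[],
  args: Args,
  secret: string,
  now: number = Date.now(),
): string | null {
  if (!receipt) return "missing receipt";
  if (receipt.expiresAt <= now) return "receipt expired";
  const got = Buffer.from(receipt.mac, "hex");
  const want = Buffer.from(receiptMac(receipt, secret), "hex");
  if (got.length !== want.length || !timingSafeEqual(got, want)) {
    return "bad receipt signature";
  }
  // Every guarded field must be covered AND equal the value actually passed,
  // so an approval for one callback_url cannot be replayed for another.
  for (const f of required) {
    if (!(f in receipt.fields)) return `receipt does not cover ${f}`;
    if (receipt.fields[f] !== String(args[f])) return `receipt value for ${f} differs from call`;
  }
  return null;
}

// Wrap a tool handler so it refuses, before any side effect, unless a valid
// receipt covers the named fields with exactly the values being passed.
function requireReceipt<R>(
  required: string[],
  secret: string,
  inner: (args: Args) => Promise<R>,
): (args: Args & { receipt?: Receipt }) => Promise<R> {
  return (args) => {
    const { receipt, ...rest } = args;
    const problem = receiptProblem(receipt, required, rest, secret);
    if (problem) throw new Error(`refused: ${problem}`);
    return inner(rest);
  };
}

// Constructed demo standing in for create_watch: records what it "spent".
const spent: Args[] = [];
const SECRET = "demo-secret-not-for-production"; // assumption: shared approver secret
const guardedCreateWatch = requireReceipt(["type", "callback_url"], SECRET, async (args) => {
  spent.push(args); // the irreversible step: webhook registered, credit spent
  return { ok: true, watch: args };
});

const demoReceipt = signReceipt(
  {
    id: "r-1",
    fields: { type: "price", callback_url: "https://hooks.example/ok" },
    expiresAt: Date.now() + 60_000,
  },
  SECRET,
);
```

The point a practitioner should take from this sketch is the binding: the receipt is useless as an authorization record unless it names the exact callback_url and type that were approved and the guard compares them against the values in the call, otherwise an approval obtained for a harmless URL can be reused to point the webhook somewhere else. The expiry and the constant-time MAC comparison are the usual hygiene for any bearer-style token; a real deployment would use the package's own receipt format rather than this one.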
Result after patch (RR-1):
Scope: this is a static reference-implementation assessment of a missing human-authorization receipt on one irreversible action, derived from the repository’s public source. It is not a vulnerability report, it does not claim the action is exploitable, and it does not address authentication or permissions. Maintainer active (last push 2026-06-29); the report is intended to go live alongside a fix PR.