Dangerous action found
scope_dispatch_matter — irreversibly dispatches a budgeted hiring / procurement matter to external vendors.
// packages/mcp-core/src/tools.ts · scope_dispatch_matter handler (registerCoreTools)
return api.post("/api/scopes", { ... });
Currently: runs unguarded. The handler's only precondition is the `if (!api.hasAuth())` token check at tools.ts:141, which establishes that the caller holds a token, not that anyone approved this dispatch. No human signs off the external dispatch.
Proposed fix — Receipt Required
Insert a @emilia-protocol/require-receipt check immediately after the `if (!api.hasAuth())` guard (tools.ts:141), before the `api.post("/api/scopes", ...)` dispatch, so a human authorization receipt for the exact matter is required first.
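The shape of the proposed gate, as an added example rather than code from the repository or from @emilia-protocol/require-receipt (whose API the page does not show): the receipt is bound to the exact request body by digest, has an expiry, and is consumed on use so it cannot be replayed. The `Receipt` shape, `ReceiptStore`, `requireReceipt`, `issueReceipt`, `MatterArgs` and the `ScopesApi` stub are assumptions made for illustration; the position of the check (after the token guard, before `api.post`) follows the proposal above.

```typescript
// Added example, not code from the repository or from @emilia-protocol/require-receipt.
// Receipt, ReceiptStore, requireReceipt, issueReceipt, MatterArgs and ScopesApi are
// hypothetical names chosen for illustration.
import { createHash } from "node:crypto";

export interface Receipt {
  matterId: string;      // the one matter the human signed off on
  payloadSha256: string; // digest of the exact body that was reviewed
  approvedBy: string;
  expiresAt: number;     // epoch milliseconds
}

export interface ReceiptStore {
  get(matterId: string): Receipt | undefined;
  consume(matterId: string): void; // receipts are single-use
}

export class ReceiptRequiredError extends Error {
  constructor(message: string) { super(message); this.name = "ReceiptRequiredError"; }
}

// Canonical JSON (sorted keys) so a re-serialised but identical body hashes the same.
function canonicalJson(value: unknown): string {
  if (Array.isArray(value)) return "[" + value.map(canonicalJson).join(",") + "]";
  if (value !== null && typeof value === "object") {
    const obj = value as Record<string, unknown>;
    return "{" + Object.keys(obj).sort()
      .map((k) => JSON.stringify(k) + ":" + canonicalJson(obj[k])).join(",") + "}";
  }
  return JSON.stringify(value);
}

export function payloadDigest(payload: unknown): string {
  return createHash("sha256").update(canonicalJson(payload)).digest("hex");
}

// What the human-approval step would mint after reviewing exactly this body.
export function issueReceipt(matterId: string, payload: unknown, approvedBy: string,
                             ttlMs: number, now: number = Date.now()): Receipt {
  return { matterId, payloadSha256: payloadDigest(payload), approvedBy, expiresAt: now + ttlMs };
}

// The gate: fail closed unless an unexpired receipt exists for this matter AND covers
// this exact payload; consume it so the same receipt cannot authorize a second dispatch.
export function requireReceipt(store: ReceiptStore, matterId: string, payload: unknown,
                               now: number = Date.now()): Receipt {
  const receipt = store.get(matterId);
  if (!receipt) throw new ReceiptRequiredError(`no human authorization receipt for ${matterId}`);
  if (receipt.expiresAt <= now) throw new ReceiptRequiredError(`receipt for ${matterId} expired`);
  if (receipt.payloadSha256 !== payloadDigest(payload)) {
    throw new ReceiptRequiredError(`receipt for ${matterId} does not cover this exact payload`);
  }
  store.consume(matterId);
  return receipt;
}

// Minimal shape of the API client the handler talks to (stub for illustration).
export interface ScopesApi<R> { hasAuth(): boolean; post(path: string, body: unknown): R; }
export interface MatterArgs { matterId: string; vendors: string[]; budget: number }

// Handler with the receipt check after the token check and before the dispatch.
export function scopeDispatchMatter<R>(api: ScopesApi<R>, store: ReceiptStore, args: MatterArgs): R {
  if (!api.hasAuth()) throw new Error("not authenticated"); // the existing, only precondition
  const body = { matterId: args.matterId, vendors: args.vendors, budget: args.budget };
  requireReceipt(store, args.matterId, body); // new: a human must have signed off this body
  return api.post("/api/scopes", body);       // irreversible external dispatch
}

// Constructed scenario: in-memory store plus a recording API stub exercising the gate.
export class MemoryReceiptStore implements ReceiptStore {
  private byMatter = new Map<string, Receipt>();
  add(r: Receipt): void { this.byMatter.set(r.matterId, r); }
  get(id: string): Receipt | undefined { return this.byMatter.get(id); }
  consume(id: string): void { this.byMatter.delete(id); }
}

export function runScenario(): { blockedWithoutReceipt: boolean; dispatched: number;
                                 blockedOnReplay: boolean; blockedOnTamper: boolean } {
  const posts: unknown[] = [];
  const api: ScopesApi<{ status: number }> = {
    hasAuth: () => true,
    post: (_path, body) => { posts.push(body); return { status: 202 }; },
  };
  const store = new MemoryReceiptStore();
  const args: MatterArgs = { matterId: "M-1", vendors: ["vendor-a"], budget: 50_000 };
  const rejected = (fn: () => unknown): boolean => {
    try { fn(); return false; } catch (e) { return e instanceof Error && e.name === "ReceiptRequiredError"; }
  };
  const blockedWithoutReceipt = rejected(() => scopeDispatchMatter(api, store, args));
  store.add(issueReceipt("M-1", { ...args }, "alice@example.test", 15 * 60_000));
  scopeDispatchMatter(api, store, args);                      // the one authorized dispatch
  const blockedOnReplay = rejected(() => scopeDispatchMatter(api, store, args));
  store.add(issueReceipt("M-1", { ...args }, "alice@example.test", 15 * 60_000));
  const blockedOnTamper = rejected(() => scopeDispatchMatter(api, store, { ...args, budget: 500_000 }));
  return { blockedWithoutReceipt, dispatched: posts.length, blockedOnReplay, blockedOnTamper };
}
```

Binding the receipt to a digest of the body, rather than to the matter id alone, is what makes "for the exact matter" hold: a receipt minted for a 50,000 budget does not authorize the same matter re-submitted at 500,000, and consuming the receipt on use means a retried or replayed call needs a fresh sign-off.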
Result after patch (RR-1):
Scope: this is a static reference-implementation assessment of a missing human-authorization receipt on one irreversible action, derived from the repository's public source. It is not a vulnerability report, makes no claim that the action is exploitable, and is not about authentication or permissions. Maintainer active (last push 2026-06-10); this report is intended to go live alongside a fix PR.