turk-hukuku-ictihat-mcp

v0.1.0 suspicious
4.0
Medium Risk

Türk yargı kararlarını (UYAP Emsal — Yargıtay/Bölge Adliye/ilk derece) yapay zekâ araçlarına açan MCP sunucusu.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows low risks in terms of network, shell, obfuscation, and credential misuse, but the metadata risk score is high due to signs of low effort and recent creation. This combination warrants further investigation.

  • High metadata risk score
  • Recent and seemingly low-effort creation
Per-check LLM notes
  • Network: The observed network calls appear to be interacting with a legal or governmental API, which is plausible for a package related to Turkish law.
  • Shell: No shell execution patterns were detected.
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious intent.
  • Credentials: No credential harvesting patterns detected, suggesting no immediate threat to secrets or credentials.
  • Metadata: The repository and package show signs of low effort and recent creation, which could indicate potential malicious intent.

🔬 Heuristic Checks

Outbound Network Calls score 3.0

Found 2 network call pattern(s)

  • "pageNumber": sayfa}} r = httpx.post(f"{_BASE}/aramalist", json=govde, headers=_HEADERS, timeout=
  • str(karar_id).strip() r = httpx.get(f"{_BASE}/getDokuman", params={"id": karar_id},
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History score 10.0

Git history flags: Repository created very recently: 0 day(s) ago (2026-06-04T23:39:47Z)

  • Repository created very recently: 0 day(s) ago (2026-06-04T23:39:47Z)
  • Repository appears empty (size = 0)
  • Very few commits: 2 total
  • Single contributor with only 2 commit(s) — possibly throwaway account
Maintainer History score 8.0

4 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Package uploaded less than 24 hours ago (2026-06-05T00:04:02.000Z)
  • Author "Aydın Can Polatkan" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)