→ Publisher: run `forge publish` from the package repo to claim ownership
—Ed25519 publish signature+0/10
→ Included automatically when the publisher runs `forge publish`
—Domain verification+0/5
→ Publisher: host /.well-known/forge.json on the package homepage with { "publisher": "<github-login>" }
—CVE scan · not run+0/30
→ Not yet scanned — package must be on npm
—Static analysis · clean+0/20
→ Not yet scanned — package must be on npm
—npm provenance (Sigstore)+0/5
→ Publish from GitHub Actions with the --provenance flag
Paste into Claude Code, Cursor, or any AI assistant to fix all gaps
StatusCommunity-indexed
PublisherUnverified
SignatureUnsigned
Domain—
Provenance—
DependenciesNot audited
Tool surface—
Security scanNot run
EvalsNone
IndexedJul 9, 2026
Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.
About
한국 사업자 검증 액션 MCP 서버 — 진위확인·휴폐업·과세유형·세금계산서 발행 가능 여부 (국세청 공공데이터 기반)