Reserve a subdomain, upload .zip via MCP, get a link. Static only (Nginx; no PHP, no DBs).
Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.
Reserve a subdomain, upload .zip via MCP, get a link. Static only (Nginx; no PHP, no DBs).