Is io.github.dgtalquantumleap-ai/ebenova-legal-docs safe to use?

io.github.dgtalquantumleap-ai/ebenova-legal-docs has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install io.github.dgtalquantumleap-ai/ebenova-legal-docs?

io.github.dgtalquantumleap-ai/ebenova-legal-docs supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What AI clients work with io.github.dgtalquantumleap-ai/ebenova-legal-docs?

io.github.dgtalquantumleap-ai/ebenova-legal-docs is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse transport.

Is io.github.dgtalquantumleap-ai/ebenova-legal-docs actively maintained?

io.github.dgtalquantumleap-ai/ebenova-legal-docs is actively maintained — last commit was 14 days ago.

io.github.dgtalquantumleap-ai/ebenova-legal-docs

vitest

Generate legal documents for 18 jurisdictions. 27 types: NDA, contracts, tenancy agreements.

59.8M/wk 0 tools GitHub npm

No known CVEs

No license

Actively maintained

Last commit 14d ago

Works with most clients

Transport: stdio, sse

0 tools

Grade F

Edit this pageView history

Legal

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "io-github-dgtalquantumleap-ai-ebenova-legal-docs": {
      "args": [
        "-y",
        "vitest"
      ],
      "command": "npx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-dgtalquantumleap-ai-ebenova-legal-docs)](https://mcppedia.org/s/io-github-dgtalquantumleap-ai-ebenova-legal-docs)

Read me

What io.github.dgtalquantumleap-ai/ebenova-legal-docs does

getsignova.com · ebenova.dev · api.ebenova.dev

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y 'vitest' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

57/100across 5 weighted dimensions

How we score →

0255075100

−43

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

1 fixed

CVE-2025-24964low · fixedCVSS 3.1

Vitest allows Remote Code Execution when accessing a malicious website while Vitest API server is listening

### Summary Arbitrary remote Code Execution when accessing a malicious website while Vitest API server is listening by Cross-site WebSocket hijacking (CSWSH) attacks. ### Details When [`api` option](https://vitest.dev/config/#api) is enabled (Vitest UI enables it), Vitest starts a WebSocket server. This WebSocket server did not check Origin header and did not have any authorization mechanism and was vulnerable to CSWSH attacks. https://github.com/vitest-dev/vitest/blob/9a581e1c43e5c02b11e2a8026

Affected: >= 1.0.0Fixed in 1.6.1source →

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is io.github.dgtalquantumleap-ai/ebenova-legal-docs safe to use?: io.github.dgtalquantumleap-ai/ebenova-legal-docs has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install io.github.dgtalquantumleap-ai/ebenova-legal-docs?: io.github.dgtalquantumleap-ai/ebenova-legal-docs supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What AI clients work with io.github.dgtalquantumleap-ai/ebenova-legal-docs?: io.github.dgtalquantumleap-ai/ebenova-legal-docs is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse transport.
Is io.github.dgtalquantumleap-ai/ebenova-legal-docs actively maintained?: io.github.dgtalquantumleap-ai/ebenova-legal-docs is actively maintained — last commit was 14 days ago.

Similar servers

Others in legal

View all →

Korean Law Mcp95

87 tools for Korean law — statutes, precedents, ordinances, interpretations | MCP Server · CLI · npm

1.9k 7

io.github.jasonxkensei/xproof92

Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.

1 1

Swiss Caselaw MCP Server88

956k Swiss court decisions: full-text search, citation graph, statute lookup (DE/FR/IT)

36 3

io.github.codespar/mcp-afip88

AFIP — Argentine tax authority, electronic invoicing (Factura Electrónica)

251 2

MCP Security Weekly

Get CVE alerts and security updates for io.github.dgtalquantumleap-ai/ebenova-legal-docs and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Legal

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "io-github-dgtalquantumleap-ai-ebenova-legal-docs": {
      "args": [
        "-y",
        "vitest"
      ],
      "command": "npx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/io-github-dgtalquantumleap-ai-ebenova-legal-docs)](https://mcppedia.org/s/io-github-dgtalquantumleap-ai-ebenova-legal-docs)

Read me

What io.github.dgtalquantumleap-ai/ebenova-legal-docs does

getsignova.com · ebenova.dev · api.ebenova.dev

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y 'vitest' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

README

Signova — AI-Powered Legal Document Platform

getsignova.com · ebenova.dev · api.ebenova.dev

Signova generates professional legal documents, contracts, invoices, and compliance reports using AI — built for freelancers, agencies, and small businesses who need legal protection without lawyer fees.

Overview

Signova ships three surfaces from a single codebase:

Consumer web app at getsignova.com — pay-per-document generation, promo redemption, buyer capture
Developer platform at ebenova.dev + api.ebenova.dev — subscription API with keys, usage tracking, and Stripe billing
MCP servers — Model Context Protocol servers that expose the same legal/insights/scope tooling to AI agents (Claude Desktop, Cursor, etc.)

The platform generates 34 document types (NDAs, contracts, offer letters, privacy policies, invoices, change orders, etc.) with jurisdiction-aware drafting for Canada (PIPEDA + Quebec Law 25), the United States (CCPA/CPRA + state privacy laws), the United Kingdom (UK GDPR), the European Union (GDPR), Nigeria (NDPA 2023), South Africa (POPIA), Kenya (DPA 2019), and Ghana (DPA 2012) — all with geo-aware currency detection and locale-specific drafting via Anthropic Claude.

Live URLs

Surface	URL
Consumer site	https://www.getsignova.com
Developer site	https://www.ebenova.dev
API base	https://api.ebenova.dev
OpenAPI spec (file)	`openapi.yaml`

Architecture

Browser / AI Agent
      │
      ▼
Vercel Edge (vercel.json routing + redirects)
      │
      ├─ Static SPA:  Vite build of src/  →  React 19 + React Router 7
      │
      └─ Serverless:  api/*.js  (Node.js functions)
             │
             ├─ Upstash Redis        (API keys, usage, promo state, rate limits)
             ├─ Anthropic Claude     (document generation, scope analysis)
             ├─ Stripe               (consumer checkout + API subscriptions)
             ├─ Resend               (transactional email, waitlist, receipts)
             ├─ Paystack / OxaPay    (Africa + crypto payments)
             └─ Groq                 (fast previews, insight drafts)

Deployed on Vercel (project signova, owner ebenovasolu-5755s-projects). Cron jobs defined in vercel.json drive /v1/insights/poll (every 15 min) and /api/cron/ots-upgrade (every 2 hours).

Tech Stack

Layer	Technology
Frontend	React 19, Vite 7, React Router 7, Phosphor Icons
Backend	Vercel Serverless Functions (Node.js, ESM)
Validation	Zod 3
Data	Upstash Redis (serverless REST)
AI	Anthropic Claude (primary), Groq (previews/drafts)
Payments	Stripe (primary), Paystack (NGN), OxaPay (crypto), Flutterwave
Email	Resend
Analytics	Vercel Analytics, Vercel Speed Insights
MCP	`@modelcontextprotocol/sdk`
Testing	Vitest, @testing-library/react, jsdom

Features

Document generation

34 document types: NDA, freelance/service/consulting agreements, employment offer letters, privacy policy, terms of service, invoices, change orders, scope analysis, and more
Jurisdiction-aware drafting across Canada, USA (with state-level awareness), UK, EU, Nigeria, South Africa, Kenya, and Ghana
Free Groq-powered preview (api/generate-preview.js), premium Claude output on payment verification (api/generate.js, api/v1/documents/generate.js)
Conversation-to-document extraction (api/v1/extract/conversation.js)

Promo system

Promo codes bypass payment to unlock one free document. State is stored in Upstash Redis (promo_uses:CODE counters, promo_ratelimit:IP per-IP hourly limiter). IP rate limit: 5 attempts/hour. All codes defined in api/promo-redeem.js.

Code	Description	Max uses	Expires
`SIGNOVA10`

... View full README on GitHub

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

57/100across 5 weighted dimensions

How we score →

0255075100

−43

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

1 fixed

CVE-2025-24964low · fixedCVSS 3.1

Vitest allows Remote Code Execution when accessing a malicious website while Vitest API server is listening

Affected: >= 1.0.0Fixed in 1.6.1source →

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is io.github.dgtalquantumleap-ai/ebenova-legal-docs safe to use?: io.github.dgtalquantumleap-ai/ebenova-legal-docs has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install io.github.dgtalquantumleap-ai/ebenova-legal-docs?: io.github.dgtalquantumleap-ai/ebenova-legal-docs supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What AI clients work with io.github.dgtalquantumleap-ai/ebenova-legal-docs?: io.github.dgtalquantumleap-ai/ebenova-legal-docs is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse transport.
Is io.github.dgtalquantumleap-ai/ebenova-legal-docs actively maintained?: io.github.dgtalquantumleap-ai/ebenova-legal-docs is actively maintained — last commit was 14 days ago.