RuRussian MCP
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This appears to be a coherent Russian tutoring MCP, but it uses a RuRussian API key, external service calls, a paid checkout flow, and local learning memory that users should configure carefully.
Before installing, verify the package/source, use a dedicated RuRussian API key, do not give the bot unattended payment authority, confirm any subscription plan and price before checkout, and configure separate learner identity or memory storage if the bot is shared by multiple users.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A bot with payment authority could initiate and potentially complete a RuRussian subscription purchase.
The skill intentionally exposes a paid checkout workflow. It is disclosed and tied to activation, but payments are high-impact and should require explicit user confirmation.
If the user explicitly asks to buy a plan, call `create_key_purchase_session` ... If the bot can pay, let it complete the hosted checkout flow
Only allow purchases after the user confirms the plan, price, account email, and payment method; do not grant unattended payment authority by default.
Anyone with access to the configured environment or process could potentially use the RuRussian account key.
The MCP reads a RuRussian API key and sends it as a bearer credential for backend calls. This is expected for the service, and status output redacts the key, but the key is still sensitive.
self.api_key: str = os.getenv("RURUSSIAN_API_KEY", "") ... headers["Authorization"] = f"Bearer {self.api_key}"
Use a dedicated RuRussian bot API key, store it in a secret manager or protected environment, and only point RURUSSIAN_API_URL at trusted endpoints.
Russian text, translations, and learner identifiers may leave the local OpenClaw environment and be processed by the RuRussian service.
Learner email and submitted language text are sent to the RuRussian backend for saved sentences, translation, analysis, and generation. This is purpose-aligned but is an external data flow.
params={"email": email}, include_auth=True ... json_payload={"text": text, "source_lang": source_lang, "target_lang": target_lang}
Avoid sending private or unrelated sensitive text, and ensure users know their learner email and submitted text may be sent to the service.
Learning history can persist across sessions and may influence future lesson recommendations.
The skill persists learner progress, scores, mistakes, and review state to a local JSON store for future personalization.
profile["activity_log"].append({"activity": request.activity.value, "score": request.score, "mistakes": request.mistakes, "timestamp": timestamp}) ... json.dump(store, handle, ensure_ascii=False, indent=2)
Configure separate learner IDs/emails or memory store paths for shared bots, and delete or protect the memory file if the data should not persist.
Future dependency changes could affect behavior or security of the installed MCP environment.
The package is installed from the Python package ecosystem and uses mostly unpinned runtime dependencies. This is normal for many packages but means installed dependency versions can vary.
dependencies = ["mcp>=1.0.0", "httpx", "pydantic", "pymorphy3"]
Install from the expected package source, consider pinning versions in managed deployments, and keep the environment updated.
