
Research
/Security News
Compromised npm Packages in the AsyncAPI Namespace Deliver Miasma Botnet Loader
4 compromised asyncapi packages deliver miasma botnet loader on macOS, Linux and Windows.
@ansvar/ch-farm-safety-mcp
Advanced tools
Swiss farm workplace safety via MCP -- BUL/SPAA rules, Suva requirements, EKAS Branchenloesung, Agriss statistics, machinery safety, chemical exposure
Machine-readable Swiss farm workplace safety data via the Model Context Protocol.
Covers BUL/SPAA safety rules (lebenswichtige Regeln), Suva occupational safety requirements, EKAS Branchenloesung Landwirtschaft, Agriss accident statistics, machinery safety (ROPS, MFK, PTO guards), chemical exposure (PSM, MAK values), young worker restrictions (Jugendarbeitsschutz), and accident reporting obligations.
npx -y @ansvar/ch-farm-safety-mcp
docker run -p 3000:3000 ghcr.io/ansvar-systems/ch-farm-safety-mcp:latest
https://mcp.ansvar.eu/ch-farm-safety/mcp
No authentication required. Rate-limited to fair use.
Add to your MCP client config:
{
"mcpServers": {
"ch-farm-safety": {
"command": "npx",
"args": ["-y", "@ansvar/ch-farm-safety-mcp"]
}
}
}
Or use the remote endpoint:
{
"mcpServers": {
"ch-farm-safety": {
"url": "https://mcp.ansvar.eu/ch-farm-safety/mcp"
}
}
}
10 tools covering Swiss farm workplace safety:
| Tool | Description |
|---|---|
about | Server metadata: name, version, coverage, data sources |
list_sources | All data sources with authority, URL, license, freshness |
check_data_freshness | Last ingest date, staleness status, refresh command |
search_safety_rules | FTS5 search across BUL/Suva/EKAS safety rules |
get_risk_assessment_requirements | Risk assessment obligations per farm activity (EKAS/VUV) |
get_machinery_safety | ROPS, Gurtpflicht, MFK, PTO guard requirements by machine type |
get_chemical_safety | MAK exposure limits, PPE, storage rules by substance |
get_young_worker_rules | Jugendarbeitsschutz restrictions by age group |
get_accident_reporting | Reporting deadlines, forms, insurer by severity |
search_bul_guidance | BUL/SPAA guidance documents, fact sheets, campaigns |
Full tool documentation: TOOLS.md
| Source | Authority | Coverage |
|---|---|---|
| BUL/SPAA | Beratungsstelle fuer Unfallverhuetung in der Landwirtschaft | Lebenswichtige Regeln, Merkblaetter, Safe@Work |
| Suva | Schweizerische Unfallversicherungsanstalt | MAK values, PPE, accident reporting |
| EKAS | Eidg. Koordinationskommission fuer Arbeitssicherheit | Branchenloesung Landwirtschaft, ASA concept |
| Agriss | BUL / Agroscope | Farm accident statistics |
| SECO | Staatssekretariat fuer Wirtschaft | Young worker protection (ArGV 5) |
Coverage details: COVERAGE.md
npm install
npm run build
npm test
npm run lint
npm run ingest # incremental update
npm run ingest:full # force full re-ingestion
npm run ingest:fetch # fetch sources only (no DB write)
npm run ingest:diff # show changes without applying
npm run freshness:check
Data staleness threshold: 90 days. The check-freshness.yml workflow runs weekly and opens an issue if data is stale.
This server provides Swiss farm safety data for informational purposes only. It does not constitute professional safety advice. Always consult BUL/SPAA, Suva, or a qualified safety professional (Sicherheitsfachperson) before implementing safety measures.
See DISCLAIMER.md for the full bilingual disclaimer.
Apache-2.0 -- see LICENSE.
Data sourced from BUL/SPAA, Suva, EKAS, Agriss, and SECO under Swiss public-sector information principles.
FAQs
Swiss farm workplace safety via MCP -- BUL/SPAA rules, Suva requirements, EKAS Branchenloesung, Agriss statistics, machinery safety, chemical exposure
We found that @ansvar/ch-farm-safety-mcp demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
4 compromised asyncapi packages deliver miasma botnet loader on macOS, Linux and Windows.

Research
/Security News
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.

Research
/Security News
A malicious .NET package is typosquatting the Braintree SDK to steal live payment card data, merchant API keys, and host secrets from production apps.