
Research
/Security News
Toptal’s GitHub Organization Hijacked: 10 Malicious Packages Published
Threat actors hijacked Toptal’s GitHub org, publishing npm packages with malicious payloads that steal tokens and attempt to wipe victim systems.
A Python library that provides easy access to Naver Open APIs using FastMCP, including search services for blogs, news, books, encyclopedia, cafes, Q&A, local information, images, shopping, and more
A server implementation for Naver OpenAPI using the Model Context Protocol (MCP). This project provides tools to interact with various Naver services, such as searching blogs, news, books, and more.
To use the Naver MCP server, you need to apply for access to the Naver Open API. You can apply for Open API access at the link below:
https://developers.naver.com/apps/#/register=datalab
Install it to Claude Desktop with (uv):
uv pip install mcp-naver
uv run python -m mcp-naver.hosts.claude_desktop \
-e NAVER_CLIENT_ID=<YOUR NAVER CLIENT ID> \
-e NAVER_CLIENT_SECRET=<YOUR NAVER CLIENT SECRET>
Install it to Claude Desktop with:
pip install mcp-naver
python -m mcp-naver.hosts.claude_desktop \
-e NAVER_CLIENT_ID=<YOUR NAVER CLIENT ID> \
-e NAVER_CLIENT_SECRET=<YOUR NAVER CLIENT SECRET>
Install it to Cursor with (uv):
uv pip install mcp-naver
uv run python -m mcp-naver.hosts.claude_desktop \
-e NAVER_CLIENT_ID=<YOUR NAVER CLIENT ID> \
-e NAVER_CLIENT_SECRET=<YOUR NAVER CLIENT SECRET>
# Clone the repository
git clone https://github.com/pfldy2850/py-mcp-naver.git
# Navigate into the project directory
cd py-mcp-naver
# Synchronize dependencies
uv sync --dev --all-extras
Run it with:
# Start the server (Using FastMCP CLI)
fastmcp install mcp_naver/server.py -e NAVER_CLIENT_ID=<YOUR NAVER CLIENT ID> -e NAVER_CLIENT_SECRET=<YOUR NAVER CLIENT SECRET>
The tool sets up everything you need to create an MCP server integrated with Naver OpenAPI.
This server provides the following tools for interacting with Naver OpenAPI:
The following tools are implemented in the server:
Search blog posts on Naver.
search_blog(query: str, display: int = 10, start: int = 1, sort: str = "sim")
Search news articles on Naver.
search_news(query: str, display: int = 10, start: int = 1, sort: str = "sim")
Search books on Naver.
search_book(query: str, display: int = 10, start: int = 1, sort: str = "sim")
Get detailed book information using title or ISBN.
get_book_adv(query: str = None, d_titl: str = None, d_isbn: str = None, ...)
Check if a search term is adult content.
adult_check(query: str)
Search encyclopedia entries on Naver.
search_encyc(query: str, display: int = 10, start: int = 1)
Search articles in Naver cafes.
search_cafe_article(query: str, display: int = 10, start: int = 1, sort: str = "sim")
Search questions and answers on Naver.
search_kin(query: str, display: int = 10, start: int = 1, sort: str = "sim")
Search local information on Naver.
search_local(query: str, display: int = 10, start: int = 1, sort: str = "random")
Correct spelling errors in a given text.
fix_spelling(query: str)
Search web pages on Naver.
search_webkr(query: str, display: int = 10, start: int = 1)
Search images on Naver with filters.
search_image(query: str, display: int = 10, start: int = 1, sort: str = "sim", filter: str = "all")
Search shopping items on Naver with filters.
search_shop(query: str, display: int = 10, start: int = 1, sort: str = "sim", filter: str = None, exclude: str = None)
Search documents on Naver.
search_doc(query: str, display: int = 10, start: int = 1)
This project is open source software licensed as MIT.
FAQs
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
Threat actors hijacked Toptal’s GitHub org, publishing npm packages with malicious payloads that steal tokens and attempt to wipe victim systems.
Research
/Security News
Socket researchers investigate 4 malicious npm and PyPI packages with 56,000+ downloads that install surveillance malware.
Security News
The ongoing npm phishing campaign escalates as attackers hijack the popular 'is' package, embedding malware in multiple versions.