If you want even better nightmares, you can make localhost:8000 forward to a container running claude code with --dangerously-skip-permissions which uses an unkindness of mcp servers to control that endpoint on the fly based (amongst other sources) on 4chan's /b/.

Since this should be a rare thing I don't think it's unreasonable to require users of patterns like this to put some kind of special annotation for that static analysis tool saying "it may not look like it but I'm doing an import here".