AppDeploy

6.5

AppDeploy turns app ideas described in AI chat into live full-stack web applications

streamable-httpai-ml developer-tools communication cloud

Installation

Claude Desktop config (remote)

{
  "mcpServers": {
    "ai-appdeploy-deploy-app": {
      "type": "streamable-http",
      "url": "https://api-v2.appdeploy.ai/mcp"
    }
  }
}

Cursor config

{
  "mcpServers": {
    "ai-appdeploy-deploy-app": {
      "url": "https://api-v2.appdeploy.ai/mcp"
    }
  }
}

Security Report

Score Breakdown

Description10

Permissions10

Behavior3

Stability--

Findings (8)

high

excessive-scope

Extremely Broad Capability Claims

The server claims to turn 'app ideas described in AI chat into live full-stack web applications.' This is an extraordinarily broad scope that could encompass code generation, deployment, infrastructure provisioning, and more. Such sweeping capabilities require careful scrutiny.

high

vague-description

Vague and Unspecific Description

The description lacks technical detail about what the server actually does, what tools it provides, or how it operates. No mention of specific capabilities, limitations, or implementation details.

high

network-access

Remote HTTP Endpoint Without Visible Authentication

The server operates as a remote HTTP endpoint (streamable-http) accessible via https://api-v2.appdeploy.ai/mcp. No authentication mechanism is documented, and the server accepts connections from the internet.

high

code-execution

Implied Code Generation and Deployment Capabilities

A server that creates 'live full-stack web applications' almost certainly involves code generation and execution. This is a critical capability that requires strong validation, sandboxing, and security controls.

medium

vague-description

No Source Code Repository

No repository URL is provided, making it impossible to audit the actual implementation, review security practices, or verify the server's legitimacy.

medium

vague-description

Tool Definitions Not Available

Tools could not be fetched from the server, preventing detailed analysis of actual capabilities, input validation, and potential security issues.

low

info

Unknown Author/Organization

No information about who operates or maintains this server. The domain 'appdeploy.ai' suggests a commercial service, but no website or contact information is documented.

info

vague-description

Semantic Analysis Summary

AppDeploy presents significant security concerns due to its extremely broad claimed capabilities (full-stack application generation and deployment), remote HTTP endpoint without documented authentication, and complete lack of source code or technical documentation. The inability to inspect tool definitions and the vague description make it impossible to assess actual security controls. This server should not be trusted without substantial additional verification and documentation.

Last scanned 1h ago

Details

Version: 1.0.0
Transport: streamable-http
Capabilities