MCPSafe

AutEng MCP - Markdown Publishing & Document Share Links

B
7.5

Publish markdown documents as public share links with mermaid diagram support. Built by AutEng.ai

streamable-httpai-mlfile-system

Installation

Claude Desktop config (remote)

{
  "mcpServers": {
    "ai-auteng-docs": {
      "type": "streamable-http",
      "url": "https://auteng.ai/mcp/docs"
    }
  }
}

Cursor config

{
  "mcpServers": {
    "ai-auteng-docs": {
      "url": "https://auteng.ai/mcp/docs"
    }
  }
}

Security Report

Score Breakdown

Description10
Permissions10
Behavior5
Stability--

Findings (6)

medium
vague-description

Unclear Scope and Functionality

The server description lacks specificity about what 'publish markdown documents as public share links' entails. It's unclear what data is processed, stored, or transmitted, and what 'public share links' means in terms of access control and data persistence.

medium
network-access

Remote HTTP Endpoint Without Visible Authentication

The server uses a remote HTTP endpoint (streamable-http) at https://auteng.ai/mcp/docs. No authentication mechanism is mentioned in the provided metadata, raising concerns about who can access this endpoint and what controls exist.

medium
excessive-scope

Potential for Unintended Data Exposure

A service that creates 'public share links' for documents could be misused to inadvertently publish sensitive information. The lack of detail about access controls, expiration policies, or data retention raises concerns.

low
vague-description

No Repository or Source Code Available

While a website exists (https://auteng.ai), there is no linked repository. This makes it impossible to audit the actual implementation or verify security practices.

info
vague-description

Tool Definitions Not Available

The server has 0 tools listed and no tool definitions were fetched. This makes it impossible to assess input validation, prompt injection risks, or specific capability constraints.

info
vague-description

Semantic Analysis Summary

This server presents moderate security concerns due to its remote HTTP endpoint, vague description of data handling, and lack of source code transparency. The core functionality of creating public share links introduces inherent risks around unintended data exposure without clear access controls or retention policies. The absence of a repository and tool definitions prevents deeper security analysis.

Last scanned 1h ago

Details

Version
1.1.0
Transport
streamable-http
Capabilities
Website
auteng.ai