MCPSafe

AutEng MCP - Markdown Publishing & Document Share Links

B
7.5

Publish markdown documents as public share links with mermaid diagrams. Built by AutEng.ai

streamable-httpai-mlfile-system

Installation

Claude Desktop config (remote)

{
  "mcpServers": {
    "ai-auteng-mcp": {
      "type": "streamable-http",
      "url": "https://auteng.ai/mcp"
    }
  }
}

Cursor config

{
  "mcpServers": {
    "ai-auteng-mcp": {
      "url": "https://auteng.ai/mcp"
    }
  }
}

Security Report

Score Breakdown

Description10
Permissions10
Behavior5
Stability--

Findings (6)

medium
vague-description

Unclear Scope and Functionality

The server description lacks technical detail about what 'publish markdown documents as public share links' entails. It's unclear what data is processed, where documents are stored, retention policies, or access controls.

medium
network-access

Remote HTTP Endpoint Without Visible Authentication

The server uses streamable-http transport with a remote URL (https://auteng.ai/mcp). No authentication mechanism is documented. Remote endpoints are higher risk than local stdio servers.

medium
excessive-scope

Potential for Unintended Data Exposure

A service that publishes documents as 'public share links' could be misused to exfiltrate sensitive data if users aren't careful about what they send. The server's role in this process (validation, filtering, warnings) is unclear.

low
info

No Source Code Repository

While a website exists (https://auteng.ai), there is no public repository link. This limits transparency and community security review.

low
info

Tool Definitions Not Available

Tool definitions were not fetched from the server, preventing detailed analysis of input validation, prompt injection risks, or capability constraints.

info
vague-description

Semantic Analysis Summary

This server presents moderate security concerns due to its remote HTTP endpoint without documented authentication, vague description of data handling, and potential for unintended data exposure through public sharing. The lack of source code repository and unavailable tool definitions prevent deeper security analysis. While the stated purpose (markdown publishing) is reasonable, the implementation details and safeguards are unclear.

Last scanned 1h ago

Details

Version
1.0.1
Transport
streamable-http
Capabilities
Website
auteng.ai