Cirra AI Salesforce Admin MCP Server

B
7.0

Comprehensive Salesforce administration and data management capabilities

streamable-http, ai-ml, cloud

Installation

Claude Desktop config (remote)

{
  "mcpServers": {
    "ai-cirra-salesforce-mcp": {
      "type": "streamable-http",
      "url": "https://mcp.cirra.ai/sfdc/mcp"
    }
  }
}

Cursor config

{
  "mcpServers": {
    "ai-cirra-salesforce-mcp": {
      "url": "https://mcp.cirra.ai/sfdc/mcp"
    }
  }
}

Security Report

Score Breakdown

Description: 10
Permissions: 10
Behavior: 4
Stability: --

Findings (7)

high
vague-description

Overly Broad and Vague Description

The description 'Comprehensive Salesforce administration and data management capabilities' is extremely vague and doesn't specify what actual operations are supported. 'Comprehensive' and 'administration' are red flags suggesting potentially unrestricted access to Salesforce systems.

high
network-access

Remote HTTP Endpoint Without Visible Authentication

Server operates as a remote HTTP endpoint (streamable-http) at https://mcp.cirra.ai/sfdc/mcp. No authentication mechanism is documented in the provided metadata, creating potential exposure if the server accepts unauthenticated requests.

high
excessive-scope

Salesforce Admin Access Claims Without Scope Definition

The server claims 'Salesforce administration' capabilities, which typically implies broad system access including user management, configuration changes, and data manipulation. No tools are exposed (0 tools), making it impossible to verify actual scope.

medium
excessive-scope

Data Management Claims Without Specification

The description mentions 'data management capabilities' without clarifying what data, what operations (read/write/delete), or what constraints exist. This is too broad for a specialized server.

medium
vague-description

Tool Definitions Unavailable for Verification

Tool definitions could not be fetched from the server. This prevents security analysis of actual capabilities, input validation, and potential injection vectors. A legitimate server should have accessible tool documentation.

low
info

Positive: Repository Available

The server has a public GitHub repository (https://github.com/cirra-ai/mcp-server), which is a positive trust signal allowing for code review.

info
vague-description

Semantic Analysis Summary

This Salesforce admin server presents significant security concerns due to its vague description claiming 'comprehensive administration' capabilities without defining scope, combined with a remote HTTP endpoint and unavailable tool definitions for verification. The mismatch between claimed admin functionality and zero exposed tools is suspicious. While the GitHub repository is a positive signal, the lack of specific documentation about what operations are actually supported and how access is controlled makes this server high-risk for deployment.


Details

Version: 1.0.0
Transport: streamable-http
Capabilities