Contabo (VPS) MCP Server

7.0

Contabo API (v1.0.0) as MCP tools for cloud provisioning, and management. Powered by HAPI MCP server

streamable-httpcloud media

Installation

Claude Desktop config (remote)

{
  "mcpServers": {
    "ai-com-mcp-contabo": {
      "type": "streamable-http",
      "url": "https://contabo.run.mcp.com.ai/mcp"
    }
  }
}

Cursor config

{
  "mcpServers": {
    "ai-com-mcp-contabo": {
      "url": "https://contabo.run.mcp.com.ai/mcp"
    }
  }
}

Security Report

Score Breakdown

Description10

Permissions10

Behavior4

Stability--

Findings (6)

high

network-access

Remote HTTP Endpoint Without Authentication Details

Server operates as a remote HTTP endpoint (streamable-http) at https://contabo.run.mcp.com.ai/mcp. No authentication mechanism, TLS validation details, or access control information is documented. Remote servers are inherently higher risk than local stdio servers.

high

excessive-scope

Broad Cloud Infrastructure Access Claims

Server claims to provide 'cloud provisioning and management' via Contabo API, which typically includes VM creation, deletion, network configuration, and billing operations. This represents significant infrastructure control with potential for resource abuse or cost escalation.

medium

vague-description

Minimal Documentation of Capabilities

Description is brief and lacks detail about specific operations, limitations, or security controls. No information about which Contabo API endpoints are exposed, rate limiting, or operational constraints.

medium

excessive-tools

Tool Definitions Not Available for Inspection

Tool definitions were not fetched from the server, preventing security analysis of input validation, prompt injection risks, or hidden instructions. With 0 tools reported but claiming cloud management capabilities, there's uncertainty about actual exposed functionality.

low

info

Positive Trust Signals Present

Server has associated GitHub repository and website, providing some transparency and accountability. Repository URL allows source code review.

info

vague-description

Semantic Analysis Summary

This Contabo VPS management server presents moderate-to-high risk due to remote HTTP exposure without documented authentication, broad infrastructure control capabilities, and unavailable tool definitions preventing security analysis. While the presence of a GitHub repository provides some trust signals, the lack of detailed documentation about specific operations, rate limiting, and access controls is concerning for a server managing cloud infrastructure.

Last scanned 55m ago

Details

Version: 0.6.0
Transport: streamable-http
Capabilities
Repository: la-rebelion/hapimcp
Website: run.mcp.com.ai