HAPI MCP Server
HAPI MCP server: Dynamically exposes OpenAPI REST APIs as MCP tools for AI assistants
Installation
Claude Desktop config (remote)
{
  "mcpServers": {
    "ai-com-mcp-hapi-mcp": {
      "type": "streamable-http",
      "url": "https://{HAPI_FQDN}:{HAPI_PORT}/mcp"
    }
  }
}
Cursor config
{
  "mcpServers": {
    "ai-com-mcp-hapi-mcp": {
      "url": "https://{HAPI_FQDN}:{HAPI_PORT}/mcp"
    }
  }
}
Security Report
Score Breakdown
Findings (6)
Dynamic OpenAPI Exposure Without Constraints
The server dynamically exposes arbitrary OpenAPI REST APIs as MCP tools. This means any REST API endpoint can be converted into an MCP tool without apparent validation of what those endpoints do. A malicious or compromised upstream API could perform unauthorized actions.
Remote HTTP Endpoint with Unspecified Authentication
The server uses the streamable-http transport on a remote FQDN/port. No authentication mechanism is documented. This allows any network client to connect and potentially invoke arbitrary OpenAPI endpoints through the server.
Insufficient Documentation of Capabilities and Constraints
The description is minimal and doesn't explain how the server determines which APIs to expose, what validation occurs, or what security boundaries exist. The website URL appears to be a placeholder/generic docs site.
No Tool Definitions Available for Review
Tool definitions could not be fetched, preventing assessment of input validation, parameter constraints, or potential prompt injection vectors in dynamically generated tools.
Broad Architectural Scope
By design, this server acts as a generic bridge to any OpenAPI specification. This is inherently broad and creates a large attack surface if not carefully controlled.
Semantic Analysis Summary
HAPI MCP Server presents moderate-to-high risk due to its architecture of dynamically exposing arbitrary OpenAPI endpoints without documented validation or access controls. The remote HTTP transport without specified authentication, combined with the inability to review actual tool definitions, prevents full security assessment. The server's broad scope and minimal documentation raise concerns about how upstream API security is managed.
Last scanned 56m ago
Details
- Version
- 0.6.0
- Transport
- streamable-http
- Capabilities
- Repository
- larebelion/hapimcp
- Website
- docs.mcp.com.ai