MCPSafe

ai.mcpanalytics/analytics

B
7.0

MCP Analytics, searchable tools and reports with interactive HTML visualization

streamable-httpai-mlsearchanalytics

Installation

Claude Desktop config (remote)

{
  "mcpServers": {
    "ai-mcpanalytics-analytics": {
      "type": "streamable-http",
      "url": "https://api.mcpanalytics.ai/auth0"
    }
  }
}

Cursor config

{
  "mcpServers": {
    "ai-mcpanalytics-analytics": {
      "url": "https://api.mcpanalytics.ai/auth0"
    }
  }
}

Security Report

Score Breakdown

Description10
Permissions10
Behavior4
Stability--

Findings (6)

high
vague-description

Unclear Server Purpose and Capabilities

The description 'searchable tools and reports with interactive HTML visualization' is vague and doesn't clearly define what data this server accesses, what reports it generates, or what 'tools' it provides. This lack of specificity makes it difficult to assess actual capabilities and risks.

high
network-access

Remote HTTP Endpoint with Authentication

Server uses streamable-http transport with a remote URL (https://api.mcpanalytics.ai/auth0). While the Auth0 endpoint suggests authentication is implemented, remote servers are inherently higher risk than local stdio servers and accept connections from the internet.

medium
excessive-tools

Tool Definitions Unavailable for Inspection

Tool definitions could not be fetched from the server. This prevents security analysis of actual capabilities, input validation, prompt injection risks, and scope verification. The server claims to provide 'tools' but none are documented.

medium
vague-description

Mismatch Between Description and Tool Count

The description mentions 'searchable tools and reports' but the server reports 0 tools. This discrepancy raises questions about whether the server is properly configured, whether tools are dynamically generated, or whether the description is inaccurate.

low
info

Positive: Source Code Available

The server has a public GitHub repository, which allows for code review and transparency. This is a positive trust signal.

info
vague-description

Semantic Analysis Summary

This server presents moderate security concerns due to its vague description, remote HTTP endpoint, and unavailable tool definitions that prevent proper capability assessment. While the presence of a GitHub repository is a positive trust signal, the mismatch between claimed functionality (tools and reports) and actual tool count (0) raises questions about server configuration or accuracy. Further investigation of the actual tool definitions and authentication implementation is needed.

Last scanned 1mo ago

Details

Version
1.0.3
Transport
streamable-http
Capabilities
Repository
embeddedlayers/mcp-analytics