Squad
Your AI Product Manager. Surface insights, build roadmaps, and plan strategy with 30+ tools.
Installation
Claude Desktop config (remote)
{
"mcpServers": {
"ai-meetsquad-squad": {
"type": "streamable-http",
"url": "https://mcp.meetsquad.ai/mcp"
}
}
}Cursor config
{
"mcpServers": {
"ai-meetsquad-squad": {
"url": "https://mcp.meetsquad.ai/mcp"
}
}
}Security Report
Score Breakdown
Findings (5)
Vague capability claims without specifics
The description claims '30+ tools' for product management but provides no details about what these tools actually do, what data they access, or what permissions they require.
Remote HTTP endpoint without visible authentication
Server is exposed via remote HTTPS endpoint (https://mcp.meetsquad.ai/mcp). While HTTPS provides transport security, there's no indication of authentication mechanisms or rate limiting visible in the metadata.
Broad scope for a single-purpose tool
A product management assistant claiming 30+ tools suggests very broad capabilities. The scope seems expansive for what should be a focused utility.
Tool definitions unavailable for security review
Tool definitions were not fetched from the server, preventing detailed analysis of input validation, prompt injection risks, and actual capabilities.
Semantic Analysis Summary
Squad presents moderate security concerns due to a significant discrepancy between claimed capabilities (30+ tools) and available metadata (0 tools shown), combined with vague descriptions of what these tools actually do. The remote HTTP endpoint adds network exposure risk. The GitHub repository is a positive trust signal, but without access to tool definitions or authentication details, the actual security posture cannot be fully assessed.
Last scanned 52m ago
Details
- Version
- 3.0.1
- Transport
- streamable-http
- Capabilities
- Repository
- the-basilisk-ai/squad-mcp