ai.shawndurrani/mcp-registry
Search the public MCP Registry; discover servers and copy SSE URLs.
Installation
Security Report
Score Breakdown
Findings (6)
Unclear server purpose and capabilities
The description states the server 'searches the public MCP Registry' but provides no details about what data is returned, how searches work, or what 'copy SSE URLs' means. This vagueness makes it difficult to assess actual capabilities and potential misuse.
Remote HTTP endpoint without visible authentication
Server operates as a remote SSE endpoint accessible over the internet. No authentication mechanism is documented, meaning any client can connect and potentially abuse the service.
No source code or repository available
Without access to the server's source code, it's impossible to verify what the server actually does, how it handles data, or whether it contains malicious logic. This is a significant trust gap.
Tool definitions not available for inspection
The server has 0 tools listed, but tool definitions were not fetched. This could mean the server truly has no tools, or the tools are dynamically generated/hidden. Either way, security assessment is incomplete.
Unknown author/maintainer
No clear identity or reputation signals for the server maintainer. The domain 'shawndurrani.ai' suggests a personal project, but without a GitHub repository or documented maintainer, trust cannot be established.
Semantic Analysis Summary
This server presents moderate security concerns due to its remote HTTP exposure without documented authentication, lack of source code availability, and vague description that obscures actual capabilities. The absence of tool definitions and repository access prevents thorough security assessment. Users should exercise caution and verify the server's legitimacy before use.
Last scanned 1h ago
Details
- Version
- 0.1.3
- Transport
- sse
- Capabilities