ai.smithery/BadRooBot-my_test_mcp

7.0

Get current weather for any city and create images from your prompts. Streamline planning, reports…

streamable-httpai-ml developer-tools analytics media automation

Installation

Claude Desktop config (remote)

{
  "mcpServers": {
    "ai-smithery-badroobot-my-test-mcp": {
      "type": "streamable-http",
      "url": "https://server.smithery.ai/@BadRooBot/my_test_mcp/mcp"
    }
  }
}

Cursor config

{
  "mcpServers": {
    "ai-smithery-badroobot-my-test-mcp": {
      "url": "https://server.smithery.ai/@BadRooBot/my_test_mcp/mcp"
    }
  }
}

Security Report

Score Breakdown

Description10

Permissions10

Behavior4

Stability--

Findings (6)

high

vague-description

Overly broad and vague capability claims

The description claims the server can 'Get current weather for any city and create images from your prompts' while also 'Streamline planning, reports…' The ellipsis and vague language about planning/reports suggests undefined additional capabilities beyond the stated weather and image generation.

high

network-access

Remote HTTP endpoint without visible authentication

Server uses streamable-http transport with a remote URL (https://server.smithery.ai/@BadRooBot/my_test_mcp/mcp). This means it accepts connections from the internet. No authentication mechanism is documented.

medium

excessive-tools

Tool definitions unavailable for security review

Tool definitions were not fetched from the server, making it impossible to audit for prompt injection, input validation, or other tool-level security issues. This is a significant gap in the security assessment.

medium

excessive-scope

Scope mismatch: Zero tools but multiple claimed capabilities

The server claims to provide weather and image generation capabilities, but reports 0 tools. This is inconsistent - either the tools weren't properly enumerated, or the description is misleading about actual functionality.

low

info

Repository available for source code review

Positive signal: The server has a public GitHub repository (https://github.com/BadRooBot/python_mcp), allowing for source code inspection and community review.

info

vague-description

Semantic Analysis Summary

This server presents moderate-to-high risk due to vague capability claims, remote HTTP exposure without documented authentication, and unavailable tool definitions preventing security audit. The zero-tool count contradicts the claimed weather and image generation functionality, suggesting either incomplete enumeration or misleading documentation. The public repository is a positive trust signal, but the scope ambiguity and remote exposure warrant caution.

Last scanned 1h ago

Details

Version: 1.14.0
Transport: streamable-http
Capabilities
Repository: BadRooBot/python_mcp