ai.smithery/BadRooBot-test_m

7.0

Send quick greetings, scrape website content, and generate text or images on demand. Perform web s…

streamable-httpai-ml developer-tools media automation

Installation

Claude Desktop config (remote)

{
  "mcpServers": {
    "ai-smithery-badroobot-test-m": {
      "type": "streamable-http",
      "url": "https://server.smithery.ai/@BadRooBot/test_m/mcp"
    }
  }
}

Cursor config

{
  "mcpServers": {
    "ai-smithery-badroobot-test-m": {
      "url": "https://server.smithery.ai/@BadRooBot/test_m/mcp"
    }
  }
}

Security Report

Score Breakdown

Description10

Permissions10

Behavior4

Stability--

Findings (6)

high

excessive-scope

Overly broad capability claims

Server description claims multiple unrelated capabilities: greetings, web scraping, text generation, and image generation. This scope is disproportionately wide for a single utility server and suggests either unclear purpose or hidden functionality.

high

network-access

Remote HTTP endpoint with web scraping capability

Server is exposed via remote HTTPS endpoint and explicitly claims web scraping functionality. This combination enables potential SSRF attacks, data exfiltration, or use as a proxy for malicious web requests.

medium

vague-description

Truncated and unclear description

Server description is incomplete (ends with 'Perform web s…'), making it impossible to fully assess intended capabilities. This lack of clarity is a red flag for security review.

medium

excessive-tools

Tool definitions unavailable for security review

Tool definitions were not fetched from the server, preventing detailed analysis of input validation, prompt injection risks, and actual capability implementation. Cannot verify if claimed capabilities match actual tools.

low

info

Repository available for inspection

Positive signal: Server has a public GitHub repository, allowing source code review and community scrutiny.

info

vague-description

Semantic Analysis Summary

This server presents moderate-to-high risk due to overly broad capability claims (greetings, web scraping, text/image generation) combined with remote HTTP exposure and explicit web scraping functionality. The truncated description and unavailable tool definitions prevent full security assessment. While a GitHub repository exists as a trust signal, the scope mismatch and network-enabled scraping capabilities warrant careful review before deployment.

Last scanned 1h ago

Details

Version: 1.14.0
Transport: streamable-http
Capabilities
Repository: BadRooBot/test_m