ai.smithery/BowenXU0126-aistudio_hw3

7.0

Send personalized greetings with optional pirate flair. Compose friendly salutations for any name…

streamable-httpai-ml

Installation

Claude Desktop config (remote)

{
  "mcpServers": {
    "ai-smithery-bowenxu0126-aistudio-hw3": {
      "type": "streamable-http",
      "url": "https://server.smithery.ai/@BowenXU0126/aistudio_hw3/mcp"
    }
  }
}

Cursor config

{
  "mcpServers": {
    "ai-smithery-bowenxu0126-aistudio-hw3": {
      "url": "https://server.smithery.ai/@BowenXU0126/aistudio_hw3/mcp"
    }
  }
}

Security Report

Score Breakdown

Description10

Permissions10

Behavior4

Stability--

Findings (6)

high

network-access

Remote HTTP Endpoint Without Authentication

Server is exposed via remote HTTP endpoint (https://server.smithery.ai/@BowenXU0126/aistudio_hw3/mcp) rather than local stdio. This means the server accepts connections from the internet and may be accessible to unauthorized parties.

medium

vague-description

Vague and Incomplete Description

The description 'Send personalized greetings with optional pirate flair. Compose friendly salutations for any name…' is incomplete (ends with ellipsis) and lacks clarity about actual capabilities, limitations, and intended use.

medium

excessive-tools

Tool Definitions Unavailable

Tool definitions could not be fetched from the server, preventing security analysis of actual capabilities, input validation, and potential injection vectors. This is a significant gap in the audit.

low

excessive-scope

Unclear Scope and Purpose

The stated purpose (greeting/salutation generation) seems narrow, but without tool definitions, the actual scope cannot be verified. The 'optional pirate flair' feature is unusual and suggests potential for prompt injection if not carefully implemented.

info

vague-description

Positive: Source Code Available

Repository link is provided (https://github.com/BowenXU0126/aistudio_hw3), allowing for code review and verification of actual implementation.

info

vague-description

Semantic Analysis Summary

This server presents moderate security concerns due to its remote HTTP exposure without apparent authentication, incomplete description, and unavailable tool definitions that prevent proper capability assessment. While a source repository is available for review, the vague description and inability to inspect actual tools limit confidence in its safety. The 'pirate flair' feature warrants code review to ensure it doesn't enable prompt injection attacks.

Last scanned 1h ago

Details

Version: 1.16.0
Transport: streamable-http
Capabilities
Repository: BowenXU0126/aistudio_hw3