ai.smithery/Kryptoskatt-mcp-server

7.0

Enable AI assistants to interact seamlessly with the DefiLlama API by translating MCP tool calls i…

streamable-httpai-ml cloud

Installation

Claude Desktop config (remote)

{
  "mcpServers": {
    "ai-smithery-kryptoskatt-mcp-server": {
      "type": "streamable-http",
      "url": "https://server.smithery.ai/@Kryptoskatt/mcp-server/mcp"
    }
  }
}

Cursor config

{
  "mcpServers": {
    "ai-smithery-kryptoskatt-mcp-server": {
      "url": "https://server.smithery.ai/@Kryptoskatt/mcp-server/mcp"
    }
  }
}

Security Report

Score Breakdown

Description10

Permissions10

Behavior4

Stability--

Findings (7)

high

vague-description

Incomplete and Truncated Description

The server description is cut off mid-sentence ('...translating MCP tool calls i…'), making it impossible to understand the full scope and purpose of the server. This prevents proper security assessment.

high

network-access

Remote HTTP Endpoint Without Visible Authentication

Server operates as a remote HTTP endpoint (streamable-http transport) accessible via https://server.smithery.ai/@Kryptoskatt/mcp-server/mcp. No authentication mechanism is documented, creating exposure to unauthorized access.

high

excessive-scope

Cryptocurrency/DeFi API Integration Without Clear Boundaries

Server claims to interact with DefiLlama API (a cryptocurrency/DeFi data provider). Without tool definitions visible and no source code, the scope of financial data access and potential for misuse cannot be assessed.

medium

vague-description

No Source Code Repository

Server has no associated repository URL, making it impossible to audit the actual implementation, verify claims, or assess code quality and security practices.

medium

vague-description

Tools Not Available for Inspection

Tool definitions could not be fetched from the server. This prevents verification of input validation, prompt injection risks, and actual capability assessment.

low

vague-description

Unknown Author/Publisher

No information about the server author, organization, or publisher. Cannot establish trust signals or verify legitimacy.

info

vague-description

Semantic Analysis Summary

This server presents significant security concerns due to its remote HTTP exposure, incomplete description, lack of source code, and inability to inspect tool definitions. The cryptocurrency/DeFi focus combined with no visible authentication or scope documentation creates risk of unauthorized financial data access. The truncated description prevents proper assessment of actual capabilities.

Last scanned 58m ago

Details

Version: 1.0.0
Transport: streamable-http
Capabilities