Back to Browse
Free
Server data from the Official MCP Registry
A Model Context Protocol (MCP) server for the Have I Been Pwned (HIBP) API
About
A Model Context Protocol (MCP) server for the Have I Been Pwned (HIBP) API
What You'll Need
Set these up before or after installing:
Your Have I Been Pwned API key from https://haveibeenpwned.com/API/KeyRequired
Environment variable: HIBP_API_KEY
Your HIBP API subscription plan (Pwned 1, Pwned 2, Pwned 3, Pwned 4, or Pwned 5)
Environment variable: HIBP_SUBSCRIPTION_PLAN
How to Install
Add this to your MCP configuration file:
{
"mcpServers": {
"io-github-darrenjrobinson-hibp": {
"env": {
"HIBP_API_KEY": "your-hibp-api-key-here",
"HIBP_SUBSCRIPTION_PLAN": "your-hibp-subscription-plan-here"
},
"args": [
"-y",
"@darrenjrobinson/hibp-mcp"
],
"command": "npx"
}
}
}Security Report
6.5
Moderate6.5Moderate RiskThis HIBP MCP server is well-designed with proper authentication, good security practices, and appropriate permissions for its purpose. The server requires API keys, implements rate limiting, uses secure password hashing with k-anonymity, and has clean error handling throughout. Supply chain analysis found 2 known vulnerabilities in dependencies (0 critical, 2 high severity). Package verification found 1 issue.
Scanned 7 files · 6 findings
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
Permissions Required
This plugin requests these system permissions. Most are normal for its category.
Reviews
No reviews yet
Be the first to review this server!