Server data from the Official MCP Registry
Currency conversion plus latest and historical exchange rates. By UnClick.
Currency conversion plus latest and historical exchange rates. By UnClick.
This MCP server exposes 450+ external API endpoints with minimal built-in security controls. The code contains critical vulnerabilities: unauthenticated tool access (tools can be called without validation), API keys passed through tool parameters (exposing them in logs and context), no input validation on user-supplied parameters, and overly broad permissions spanning finance, security scanning, messaging, and payment systems. The server's architecture treats all imported tools as equal without scope restrictions, allowing agents to access sensitive operations like creating AWS infrastructure, transferring funds via Stripe/PayPal, or sending SMS/email to arbitrary recipients. Supply chain analysis found 3 known vulnerabilities in dependencies (0 critical, 3 high severity). Package verification found 1 issue (1 critical, 0 high severity).
4 files analyzed · 22 issues found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
This plugin requests these system permissions. Most are normal for its category.
Unverified package source
We couldn't verify that the installable package matches the reviewed source code. Proceed with caution.
Add this to your MCP configuration file:
{
"mcpServers": {
"io-github-malamutemayhem-exchangerate": {
"args": [
"-y",
"unclick"
],
"command": "npx"
}
}
}Be the first to review this server!
by Modelcontextprotocol · Developer Tools
Read, search, and manipulate Git repositories programmatically
by Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.
by mcp-marketplace · Developer Tools
Create, build, and publish Python MCP servers to PyPI — conversationally.