Server data from the Official MCP Registry
Search songs and artists and get song and artist detail from Genius. By UnClick.
Search songs and artists and get song and artist detail from Genius. By UnClick.
UnClick is a large MCP server aggregating 450+ API integrations across numerous external services. The codebase exhibits critical security vulnerabilities: plaintext API key handling in configuration, unauthenticated access to sensitive operations, overly broad permissions (network_http, env_vars, shell_exec via process spawning), and dangerous patterns including arbitrary API calls to unvetted external services. The "hidden internal catalog" and dynamic endpoint discovery system allows agents to call any integrated API without explicit consent, creating significant privilege escalation and data exfiltration risks. Supply chain analysis found 3 known vulnerabilities in dependencies (0 critical, 3 high severity). Package verification found 1 issue (1 critical, 0 high severity).
4 files analyzed · 19 issues found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
This plugin requests these system permissions. Most are normal for its category.
Unverified package source
We couldn't verify that the installable package matches the reviewed source code. Proceed with caution.
Add this to your MCP configuration file:
{
"mcpServers": {
"io-github-malamutemayhem-genius": {
"args": [
"-y",
"unclick"
],
"command": "npx"
}
}
}Be the first to review this server!
by Modelcontextprotocol · Developer Tools
Read, search, and manipulate Git repositories programmatically
by Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.
by mcp-marketplace · Developer Tools
Create, build, and publish Python MCP servers to PyPI — conversationally.