Back to Browse
Free
Server data from the Official MCP Registry
Search songs and artists and get song and artist detail from Genius. By UnClick.
About
Search songs and artists and get song and artist detail from Genius. By UnClick.
Security Report
1.2
Use Caution1.2Critical RiskUnClick is a large MCP server aggregating 450+ API integrations across numerous external services. The codebase exhibits critical security vulnerabilities: plaintext API key handling in configuration, unauthenticated access to sensitive operations, overly broad permissions (network_http, env_vars, shell_exec via process spawning), and dangerous patterns including arbitrary API calls to unvetted external services. The "hidden internal catalog" and dynamic endpoint discovery system allows agents to call any integrated API without explicit consent, creating significant privilege escalation and data exfiltration risks. Supply chain analysis found 3 known vulnerabilities in dependencies (0 critical, 3 high severity). Package verification found 1 issue (1 critical, 0 high severity).
4 files analyzed · 19 issues found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
Permissions Required
This plugin requests these system permissions. Most are normal for its category.
Unverified package source
We couldn't verify that the installable package matches the reviewed source code. Proceed with caution.
How to Install
Add this to your MCP configuration file:
{
"mcpServers": {
"io-github-malamutemayhem-genius": {
"args": [
"-y",
"unclick"
],
"command": "npx"
}
}
}Documentation
View on GitHubFrom the project's GitHub README.
UnClick MCP server
The app store for AI agents. unclick.world
450+ callable endpoints across 178+ tools, available to any MCP-compatible AI client. New tools ship to the API continuously. Your agent picks them up automatically; no package update is needed.
Install
Using the latest GitHub release (no npm account required):
{
"mcpServers": {
"unclick": {
"command": "npx",
"args": ["-y", "https://github.com/malamutemayhem/unclick/releases/latest/download/unclick.tgz"]
}
}
}
Add this to your claude_desktop_config.json (or equivalent for Cursor, Windsurf, etc).
Or install globally from GitHub:
npm install -g https://github.com/malamutemayhem/unclick/releases/latest/download/unclick.tgz
Operational Notes
This repo follows the AGENTS.md fence rules for agent work.
Run
For local web development:
npm run dev
For the API workspace:
npm run dev:api
Test
Run the main test suite:
npm test
Run the production build check:
npm run build
License
This repository is licensed under the MIT License. See LICENSE.
What it does
Gives your agent access to a growing catalog of tools across developer utilities, social media, e-commerce, finance, messaging, media, security, and more. You don't need to install separate packages for each integration. One server provides access to everything in the catalog.
Tool Surface
UnClick exposes a small direct surface for daily agent workflows, plus hidden internal discovery tools for the full catalog.
| Tool group | Tools |
|---|---|
| Memory session protocol | load_memory, save_fact, search_memory, save_identity, save_session |
| Signals and Fishbowl coordination | check_signals, read_messages, post_message, create_todo, list_todos, update_todo, complete_todo, create_idea, list_ideas, vote_on_idea, promote_idea_to_todo |
| Hidden internal catalog tools | unclick_search, unclick_browse, unclick_tool_info, unclick_call |
The agent starts with memory, uses direct Fishbowl tools for coordination, and can still call the hidden catalog tools by name when it needs dynamic endpoint discovery.
Compatibility and advanced memory operations
- Legacy memory names still work as aliases:
get_startup_context->load_memory,write_session_summary->save_session,add_fact->save_fact,set_business_context->save_identity. - The remaining memory operations are intentionally not listed in
ListToolsand are called throughunclick_callwithendpoint_id: "memory.<op>"(for examplememory.manage_decay,memory.store_code,memory.log_conversation,memory.supersede_fact,memory.upsert_library_doc).
Requirements
- Node.js 18+
- An API key from unclick.world
Set your key as an environment variable:
UNCLICK_API_KEY=your_key_here
Or pass it via the MCP config:
{
"mcpServers": {
"unclick": {
"command": "npx",
"args": ["-y", "https://github.com/malamutemayhem/unclick/releases/latest/download/unclick.tgz"],
"env": {
"UNCLICK_API_KEY": "your_key_here"
}
}
}
}
More
Full catalog, docs, and API keys at unclick.world.
Reviews
No reviews yet
Be the first to review this server!
More Developer Tools MCP Servers
Git
Freeby Modelcontextprotocol · Developer Tools
Read, search, and manipulate Git repositories programmatically
80.0K
Stars
4
Installs
6.5
Security
No ratings yet
Local
Toleno
Freeby Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.
137
Stars
485
Installs
8.0
Security
4.8
Local
mcp-creator-python
Freeby mcp-marketplace · Developer Tools
Create, build, and publish Python MCP servers to PyPI — conversationally.
-
Stars
65
Installs
10.0
Security
4.6
Local