Recipes tools for recipes, meals, cooking by UnClick.
UnClick is a large MCP server aggregating 450+ tool integrations across diverse APIs. While the architecture and tool wiring are well-organized, critical security concerns exist: the server requires API keys but lacks documented input validation and rate-limiting mechanisms across its vast tool surface, creates substantial network exposure (450+ endpoints), and stores sensitive credentials in environment variables without encryption. Several tool implementations appear incomplete or poorly documented, increasing risk of unexpected behavior or privilege escalation. The reliance on external API keys combined with minimal guardrails for a developer-facing "app store" architecture is concerning. Supply chain analysis found 3 known vulnerabilities in dependencies (0 critical, 3 high severity). Package verification found 1 issue (1 critical, 0 high severity).
4 files analyzed · 16 issues found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
This plugin requests these system permissions. Most are normal for its category.
Unverified package source
We couldn't verify that the installable package matches the reviewed source code. Proceed with caution.
Add this to your MCP configuration file:
{
"mcpServers": {
"io-github-malamutemayhem-meal": {
"args": [
"-y",
"unclick"
],
"command": "npx"
}
}
}Be the first to review this server!
by Modelcontextprotocol · Developer Tools
Read, search, and manipulate Git repositories programmatically
by Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.
by mcp-marketplace · Developer Tools
Create, build, and publish Python MCP servers to PyPI — conversationally.