Server data from the Official MCP Registry
Global air quality measurements by location and country from OpenAQ. No API key. By UnClick.
Global air quality measurements by location and country from OpenAQ. No API key. By UnClick.
This MCP server exhibits critical security vulnerabilities that warrant immediate attention. The server accepts API keys via MCP config (storing credentials in client-side JSON), exposes 450+ tools with inconsistent authentication patterns, and contains evidence of overly broad permissions. Multiple tools lack proper authentication scope validation, and the architecture relies on passing API keys through user-controlled config without encryption or secure storage mechanisms. These issues, combined with the massive tool surface area and lack of per-tool access controls, create significant attack surface for credential theft and unauthorized API abuse. Supply chain analysis found 3 known vulnerabilities in dependencies (0 critical, 3 high severity). Package verification found 1 issue (1 critical, 0 high severity).
4 files analyzed · 18 issues found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
This plugin requests these system permissions. Most are normal for its category.
Unverified package source
We couldn't verify that the installable package matches the reviewed source code. Proceed with caution.
Add this to your MCP configuration file:
{
"mcpServers": {
"io-github-malamutemayhem-openaq": {
"args": [
"-y",
"unclick"
],
"command": "npx"
}
}
}Be the first to review this server!
by Modelcontextprotocol · Developer Tools
Read, search, and manipulate Git repositories programmatically
by Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.
by mcp-marketplace · Developer Tools
Create, build, and publish Python MCP servers to PyPI — conversationally.