Security-reviewed MCP servers and agent tools
MCP and agent resources that deserve extra scrutiny for credentials, file access, network access, and operational trust.
MCP and agent resources that deserve extra scrutiny for credentials, file access, network access, and operational trust.
Compared at a glance
The top 5 picks side by side on trust, install, platform support, and disclosed notes — full rationale for each below.
3 trust signals differ across this comparison (Package trust, Source provenance, Submitter).
Next steps differ across picks — use the actions in the table below to copy install commands and source links per resource.
| Field | Build applications, analyze traffic, and manage security settings through Cloudflare Open dossier | Security analysis and vulnerability scanning for dependencies Open dossier | Configure and manage Stytch authentication services and workspace settings Open dossier | Official AWS Labs MCP server for AWS CloudTrail that lets AI assistants query account activity for security investigations, compliance auditing, and operational troubleshooting via Event History and CloudTrail Lake SQL. Open dossier | A Stop hook that runs npm audit, pip-audit, safety, or bundler-audit automatically at the end of every Claude Code session, detecting CVEs and outdated packages across Node.js, Python, and Ruby projects. Open dossier |
|---|---|---|---|---|---|
| Next stepsDiffers | |||||
| Trust | |||||
| Review status | ReviewedMaintainer reviewed | ReviewedMaintainer reviewed | ReviewedMaintainer reviewed | ReviewedMaintainer reviewed | ReviewedMaintainer reviewed |
| Package trustDiffers | Package verified | Package verified | Package verified | Package not verified | Package not verified |
| Source provenanceDiffers | No submission link | No submission link | No submission link | Source-backed | Source-backed |
| SubmitterDiffers | — | — | — | jaso0n0818 | — |
| Install risk | Low risk | Low risk | Low risk | Review first | Review first |
| Notes | Safety ✓ Privacy ✓ | Safety ✓ Privacy ✓ | Safety ✓ Privacy ✓ | Safety ✓ Privacy ✓ | Safety ✓ Privacy ✓ |
| Brand | — | ||||
| Category | mcp | mcp | mcp | mcp | hooks |
| Source | First-party | First-party | First-party | Source-backed | Source-backed |
| Author | Cloudflare | Socket | Stytch | AWS Labs | JSONbored |
| Added | 2025-09-18 | 2025-09-18 | 2025-09-18 | 2026-06-21 | 2025-09-19 |
| Platforms | |||||
| Harness | |||||
| Source repo | — | — | — | — | — |
| Safety notes | ✓Use a least-privilege Cloudflare token because DNS, security, Worker, and deployment actions can affect production services. | ✓Treat dependency risk findings as triage input and verify impact before blocking releases or changing package policy. | ✓Restrict Stytch workspace and admin permissions because auth configuration changes can affect sign-in and account security. | ✓The provided tools are read-only — they look up CloudTrail events and run Lake queries, and do not modify infrastructure. Grant only the CloudTrail read permissions listed in the documentation (least privilege). This server reads audit data with your AWS credentials; scope the profile to the intended account and run it only on a trusted host. CloudTrail Lake SQL queries against large event data stores can incur AWS query/scan costs; review query scope before running broad analyses. | ✓Runs automatically at session end and invokes local package-manager audit tools when dependency lockfiles are present. May contact package registries or vulnerability advisory services through npm, yarn, safety, pip, or bundler-audit. Writes a timestamped security-audit log in the current working directory. |
| Privacy notes | ✓Zone settings, analytics, logs, account identifiers, deployment metadata, and security configuration may be sent through model context. | ✓Package names, manifests, dependency graphs, repository context, and security findings may be sent through tool calls. | ✓User identities, authentication logs, session details, workspace settings, and security configuration may be sent through tool calls. | ✓CloudTrail events expose account activity: usernames, access key IDs, source IPs, ARNs, and API call details can be returned to the model. Keep account identifiers, credentials, and returned event contents out of public prompts, issues, and screenshots, since audit data is sensitive. | ✓Reads dependency manifests and lockfiles to identify package managers and audit targets. The generated audit log may include package names, versions, vulnerability identifiers, and remediation output. External audit tools may send package metadata to their configured registries or advisory services. |
| Prerequisites |
|
|
|
| — none listed |
| Install | | | | | |
| Config | | | | | |
| Citations | |||||
| Claim | Unclaimed | Unclaimed | Unclaimed | Unclaimed | Unclaimed |
- 01
Cloudflare MCP Server - MCP Servers
Build applications, analyze traffic, and manage security settings through Cloudflare
Added 10mo agoSafety ✓ Privacy ✓by CloudflareWhy it made the cutCloudflare MCP Server - MCP Servers is included because it has maintainer-built package, safety notes present, privacy notes present, first-party source posture.
- 02
Socket MCP Server for Claude
Security analysis and vulnerability scanning for dependencies
Added 10mo agoSafety ✓ Privacy ✓by SocketWhy it made the cutSocket MCP Server for Claude is included because it has maintainer-built package, safety notes present, privacy notes present, first-party source posture.
- 03
Stytch MCP Server for Claude
Configure and manage Stytch authentication services and workspace settings
Added 10mo agoSafety ✓ Privacy ✓by StytchWhy it made the cutStytch MCP Server for Claude is included because it has maintainer-built package, safety notes present, privacy notes present, first-party source posture.
- 04
AWS CloudTrail MCP Server
Connect Claude to AWS CloudTrail to look up account events, analyze user activity, track API calls, and run CloudTrail Lake SQL for audits.
Added 28d agoSafety ✓ Privacy ✓by AWS Labs · submitted by jaso0n0818Why it made the cutAWS CloudTrail MCP Server is included because it has safety notes present, privacy notes present, source-backed source posture.
Reach for insteadIf this will touch credentials, local files, or production systems, inspect the upstream source first.
- 05
Dependency Security Audit
Stop hook that runs npm audit, pip-audit, safety, or bundler-audit at session end and saves a timestamped CVE report.
Trigger:StopAdded 10mo agoSafety ✓ Privacy ✓by JSONboredWhy it made the cutDependency Security Audit is included because it has safety notes present, privacy notes present, source-backed source posture.
Reach for insteadIf this will touch credentials, local files, or production systems, inspect the upstream source first.
- 06
Prompt-Injection Content Scanner - Claude Code Hook
Warn or block when generated prompt/context files contain common instruction-override, secret-exfiltration, or hidden-command patterns.
Trigger:PreToolUseAdded 1mo agoSafety ✓ Privacy ✓by MkDev11Why it made the cutPrompt-Injection Content Scanner - Claude Code Hook is included because it has safety notes present, privacy notes present, source-backed source posture.
Reach for insteadIf this will touch credentials, local files, or production systems, inspect the upstream source first.
- 07
Security Auditor Expert - CLAUDE.md Rules for Claude Code
Configure Claude as a security expert for vulnerability assessment, penetration testing, and security best practices
Added 10mo agoSafety ✓ Privacy ✓by JSONboredWhy it made the cutSecurity Auditor Expert - CLAUDE.md Rules for Claude Code is included because it has safety notes present, privacy notes present, source-backed source posture.
Reach for insteadIf this will touch credentials, local files, or production systems, inspect the upstream source first.
- 08Why it made the cut
Lakera Guard is included because it has privacy notes present, source-backed source posture.
Reach for insteadIf this will touch credentials, local files, or production systems, inspect the upstream source first.
- 09
ContrastAPI Security Tools
49 remote security tools for CVE risk scoring, MITRE ATLAS/D3FEND, domain audit, IP threat intel, IOC enrichment, web intelligence, and dependency scanning.
Added 3mo agoSafety ✓ Privacy ✓by UPinarWhy it made the cutContrastAPI Security Tools is included because it has safety notes present, privacy notes present, source-backed source posture.
Reach for insteadIf this will touch credentials, local files, or production systems, inspect the upstream source first.
- 10
Searchcode MCP Server
Analyze and search public Git repositories through a remote code intelligence MCP server.
Added 1mo agoSafety ✓ Privacy ✓by searchcode.com · submitted by oktofeesh1Why it made the cutSearchcode MCP Server is included because it has safety notes present, privacy notes present, source-backed source posture.
Reach for insteadIf this will touch credentials, local files, or production systems, inspect the upstream source first.
- 11
Airtable MCP Server for Claude
Read and write records, manage bases and tables in Airtable directly from Claude
Added 10mo agoSafety ✓ Privacy ✓by domdomeggWhy it made the cutAirtable MCP Server for Claude is included because it has maintainer-built package, safety notes present, privacy notes present, first-party source posture.
- 12
Asana MCP Server for Claude
Interact with Asana workspaces to manage projects and tasks
Added 10mo agoSafety ✓ Privacy ✓by AsanaWhy it made the cutAsana MCP Server for Claude is included because it has maintainer-built package, safety notes present, privacy notes present, first-party source posture.
- 13
AWS Services MCP Server - MCP Servers
Comprehensive AWS cloud services integration for infrastructure management, deployment, and monitoring
Added 10mo agoSafety ✓ Privacy ✓by AWS LabsWhy it made the cutAWS Services MCP Server - MCP Servers is included because it has maintainer-built package, safety notes present, privacy notes present, first-party source posture.
- 14
Box MCP Server for Claude
Access enterprise content, analyze unstructured data, and automate workflows
Added 10mo agoSafety ✓ Privacy ✓by BoxWhy it made the cutBox MCP Server for Claude is included because it has maintainer-built package, safety notes present, privacy notes present, first-party source posture.
- 15
Canva MCP Server for Claude
Browse, summarize, and generate Canva designs directly from Claude
Added 10mo agoSafety ✓ Privacy ✓by CanvaWhy it made the cutCanva MCP Server for Claude is included because it has maintainer-built package, safety notes present, privacy notes present, first-party source posture.
- 16
Claude Desktop MCP Setup
Set up local MCP servers in Claude Desktop via claude_desktop_config.json.
Added 8mo agoSafety ✓ Privacy ✓by JSONboredWhy it made the cutClaude Desktop MCP Setup is included because it has maintainer-built package, safety notes present, privacy notes present, first-party source posture.
Missing a pick? Propose an edit to this list — every change goes through the same review queue as new entries.
Suggest a pickGet the weekly brief
One calm read on Claude workflows. Sundays. No tracking pixels.
Unsubscribe any time. No tracking pixels. No partner blasts.