Security review

Is @esaio/esa-mcp-server MCP safe to give an agent?

unknownneeds cautionunknownhealthy

A factual risk summary built from @esaio/esa-mcp-server’s real tool surface, execution model, and verification history — not a vibe. Trust score 55/100.

01What it can do

No tool handshake yet — capability surface unverified.

0 tools observed

02Execution model

Runs locally over stdio — the server process executes on your machine with your user's privileges. Vet the source and package before granting access.

Installs via npx (`npx -y @esaio/esa-mcp-server`) — it pulls and executes third-party code; pin versions and review the source.

03Permissions & auth

No auth scopes captured yet (scope extraction runs during the sandboxed handshake, gated until configured). Treat unconfirmed scopes as unknown, not as “none.”

04Verification

handshakenot confirmed

runsmetadata:passed

last_checked2026-06-30 07:32Z

sourcesnpm registry [p4]

Reduce the risk

Wrap @esaio/esa-mcp-server in a governed Loadout — scoped permissions, approval rules on write/destructive tools, and audit logging — instead of handing your agent raw access.

Build a governed Loadout

See also: full server page · setup · alternatives