Is @iflow-mcp/ref-tools-mcp MCP safe to give an agent?
A factual risk summary built from @iflow-mcp/ref-tools-mcp’s real tool surface, execution model, and verification history — not a vibe. Trust score 56/100.
Only read-style tools observed — no write/destructive tools.
Transport not yet confirmed, so the execution model is unknown. Treat as untrusted until verified.
Installs via npx (`npx -y @iflow-mcp/ref-tools-mcp`) — it pulls and executes third-party code; pin versions and review the source.
No write or destructive access inferred from this server’s tools yet. Absence of a scope isn’t a guarantee — treat unconfirmed access as unknown, not “none.”
Worried about handing an agent raw access? See governed agents in action — Apex gives your AI paced, capped, fully-logged hands with approval queues before anything runs.
Explore Apex →See also: full server page · setup · alternatives