posthog / security
Security review
Is PostHog MCP safe to give an agent?
unknownunknownunknowndegradeddraft · noindex
A factual risk summary built from PostHog’s real tool surface, execution model, and verification history — not a vibe. Trust score 49/100.
01What it can do
No tool handshake yet — capability surface unverified.
0 tools observed
02Execution model
Transport not yet confirmed, so the execution model is unknown. Treat as untrusted until verified.
No runnable install method captured.
03Permissions & auth
No write or destructive access inferred from this server’s tools yet. Absence of a scope isn’t a guarantee — treat unconfirmed access as unknown, not “none.”
04Verification
handshakenot confirmed
runsmetadata:passed
last_checked2026-07-04 15:37Z
sourcesUser submissions [p7]
Reduce the risk
Worried about handing an agent raw access? See governed agents in action — Apex gives your AI paced, capped, fully-logged hands with approval queues before anything runs.
Explore Apex →See also: full server page · setup · alternatives