Grade: Low
Source: github · 42 files analyzed

makenotion/notion-mcp-server

Minor capabilities, nothing alarming.

Capabilities detected:
Outbound network: 4
Environment variables (config / keys): 5
Runtime code evaluation: 1

AI review

No prompt injection, hidden instructions, or data exfiltration mechanisms were found. The extension is a legitimate Notion MCP server that auto-generates tools from an OpenAPI spec. The only minor concern is a commented-out dynamic eval in the parser, but it is not active in production code.

Model: deepseek-chat

Static findings

Outbound network · Makes outbound network requests

info package-lock.json:13 "axios": "^1.8.4",
low package.json:24 "axios": "^1.8.4",
info src/openapi-mcp-server/client/__tests__/http-client.test.ts:15 vi.mock('openapi-client-axios', () => {
low src/openapi-mcp-server/client/http-client.ts:2 import OpenAPIClientAxios from 'openapi-client-axios'

Environment variables (config / keys) · Reads environment variables (config / API keys)

low scripts/server-options.ts:28 let enableTokenPassthrough = process.env.ENABLE_TOKEN_PASSTHROUGH === 'true'
low scripts/start-server.ts:30 const baseUrl = process.env.BASE_URL ?? undefined
low src/openapi-mcp-server/client/http-client.ts:234 if (process.env.NODE_ENV !== 'test') {
info src/openapi-mcp-server/mcp/__tests__/proxy.test.ts:193 const originalEnv = process.env
low src/openapi-mcp-server/mcp/proxy.ts:210 const headersJson = process.env.OPENAPI_MCP_HEADERS

Runtime code evaluation · Evaluates code at runtime

info src/openapi-mcp-server/openapi/parser.ts:353 // const zodSchema = eval(zodSchemaStr) as z.ZodType

MCPVet is a heuristic aid, not a security guarantee. A clean grade does not prove an extension is safe; always review code and instructions you don't trust.