CanopiiCanopiiAll serversEnterprise →
io.github.Mogacode-ma/infomaniak-mcp-agent

io.github.Mogacode-ma/infomaniak-mcp-agent v0.14.5

Security Trust Score
Grade C · Needs review
Tier 1 · Public sourceHigh confidence · 98%
Declared MCP capabilities
ResourcesPrompts

Run it through Canopii Gateway — policy enforcement, audit trail, and per-user attribution on every call.

2 issues capping this score
  • mediumNo install/post-install scriptsruns postinstall
  • mediumNo over-broad / destructive tools2 over-broad tool(s)
Reputation5stars0forks2.0kdownloads/mo0open issues28d agolast commit<1yage

Security controls

Deterministic, evidence-backed. Score earned from passing controls; a failed guard caps it.

Model–MCP Runtime Guardrails

  • Fail
    User-in-the-Loop / Approval Scopeguard2 over-broad tool(s)

    No over-broad or destructive tools (arbitrary shell, bulk-delete) that warrant human approval.

    infomaniak_delete_databaseinfomaniak_delete_site

    Fix: Scope tools narrowly; avoid arbitrary command execution and destructive defaults.

  • Warn
    Strict JSON Schema Enforcementschemas not strict

    Tool inputs are constrained (additionalProperties:false), so unexpected arguments can't be smuggled in.

    Fix: Set additionalProperties:false and require explicit parameters on every tool.

  • Pass
    Indirect Prompt Injection (IPI) Defensesguardno injection markers

    Tool/prompt/resource text is free of hidden instructions that could hijack the agent.

  • N/A
    Tool Definition Stabilityguardno prior version to diff

    Tool definitions did not change after publish — no post-approval rug-pull.

Application Security Checks

  • Fail
    No install/post-install scriptsguardruns postinstall

    install hooks run arbitrary code on every consumer at install time.

    Fix: Remove preinstall/install/postinstall scripts, or document and minimize them.

  • Warn
    Dependencies pinned (lockfile)no lockfile found

    A lockfile makes installs reproducible and resistant to silent dependency swaps.

    Fix: Commit a lockfile (package-lock.json / pnpm-lock.yaml / poetry.lock).

  • Warn
    Published with provenanceno provenance attestation

    Build provenance attests the artifact was built from the claimed source by CI.

    Fix: Publish with npm provenance (--provenance) from a trusted CI.

  • Warn
    Established maintainersingle maintainer

    Brand-new / single anonymous maintainers raise takeover and malware risk.

    Fix: Publish under an established account/org; add multiple maintainers.

  • Warn
    Has a security policyno security policy

    A SECURITY.md gives a private path to report vulnerabilities.

    Fix: Add SECURITY.md with a disclosure contact and process.

  • Pass
    No command-injection sinksguardno sinks found

    Untrusted tool input reaching a shell yields remote code execution.

  • Pass
    No dynamic code executionguardno sinks found

    eval()/exec()/Function() on tool-derived strings allows arbitrary code execution.

  • Pass
    No path traversalguardno sinks found

    Naive path checks let tools read/write outside intended directories (EscapeRoute-class).

  • Pass
    No SSRF sinksguardno sinks found

    Fetching tool-supplied URLs can pivot into internal networks and metadata services.

  • Pass
    No unsafe deserializationguardno sinks found

    pickle/yaml.load/etc. on untrusted data can execute code.

  • Pass
    No committed secretsguardno secrets found

    Hardcoded keys/tokens in published source are live credentials an attacker can use.

  • Pass
    Credentials sourced from environmentreads credentials from environment

    Reading secrets from env/secret stores avoids hardcoding them.

  • Pass
    No known-vulnerable dependencies1 runtime deps, no known CVEs

    Runtime dependencies (parsed from the lockfile) are scanned against OSV.dev for published CVEs. Advisory: flagged dependencies lower the score but don't hard-cap it, since transitive reachability is unproven.

  • Pass
    Package name not typosquattingguarddistinct package name

    Names mimicking popular packages are a common malware delivery vector.

  • Pass
    Actively maintainedrecent commits

    Unmaintained servers don't receive security fixes.

  • Pass
    Repository not archivedguardactive

    Archived repositories will never be patched.

  • Pass
    Declares a licenseMIT

    A clear license is required for legal enterprise use.

  • Pass
    Adoption & popularityestablished adoption

    A small, capped nudge from stars/downloads — widely-used servers get more eyes on bugs. It can never offset a real security failure.

  • Not checked
    Signed releasesnot evaluated

    Signed releases let consumers verify artifacts weren't tampered with.

Transport & Trust Model

  • Warn
    Execution Sandboxingruns natively (no container image)

    A container/sandbox image limits blast radius; a server that runs natively has full host access.

    Fix: Ship a Dockerfile/Containerfile (or document a sandboxed run) so the server runs isolated.

  • Pass
    Network Exposureno bind-all detected

    Binding 0.0.0.0 or exposing debug inspectors widens the attack surface.

  • N/A
    Transport Encryption (TLS)guardno remote endpoints

    Plaintext HTTP exposes traffic and bearer tokens to interception.

  • N/A
    IAM / Authentication Scopingno remote endpoints

    OAuth 2.1 / Protected Resource Metadata gates who can invoke tools.

  • N/A
    Live Endpoint Reachablenot dynamically scanned

    A dynamic scan connected to the declared remote endpoint and it responded — verified live, not a dead URL.

  • N/A
    Authentication Enforced (live)not dynamically scanned

    If the server declares auth is required, it must actually reject anonymous clients. Serving tools to unauthenticated callers is a real exposure.

Tools (74)

infomaniak_helpinfomaniak_undoinfomaniak_explaininfomaniak_historyinfomaniak_api_callinfomaniak_list_vpsinfomaniak_overviewinfomaniak_find_siteinfomaniak_get_domaininfomaniak_list_sitesinfomaniak_create_siteinfomaniak_delete_siteinfomaniak_list_drivesinfomaniak_get_databaseinfomaniak_get_vps_fullinfomaniak_list_domainsinfomaniak_audit_accountinfomaniak_list_hostingsinfomaniak_manage_dnssecinfomaniak_create_mailboxinfomaniak_delete_mailboxinfomaniak_get_drive_fullinfomaniak_get_my_profileinfomaniak_get_nodejs_appinfomaniak_list_ai_modelsinfomaniak_list_databasesinfomaniak_list_mailboxesinfomaniak_audit_dns_zonesinfomaniak_create_databaseinfomaniak_delete_databaseinfomaniak_get_certificateinfomaniak_get_domain_fullinfomaniak_get_my_securityinfomaniak_list_short_urlsinfomaniak_nodejs_app_jobsinfomaniak_nodejs_app_logsinfomaniak_add_site_aliasesinfomaniak_create_short_urlinfomaniak_dns_list_recordsinfomaniak_get_account_fullinfomaniak_get_mailbox_fullinfomaniak_get_mailbox_infoinfomaniak_list_ai_productsinfomaniak_list_drive_filesinfomaniak_list_drive_trashinfomaniak_list_drive_usersinfomaniak_list_nodejs_appsinfomaniak_short_urls_quotainfomaniak_delete_site_aliasinfomaniak_dns_create_recordinfomaniak_dns_delete_recordinfomaniak_dns_update_recordinfomaniak_get_database_userinfomaniak_list_redirectionsinfomaniak_list_site_aliasesinfomaniak_nodejs_app_actioninfomaniak_nodejs_app_statusinfomaniak_create_redirectioninfomaniak_delete_certificateinfomaniak_delete_redirectioninfomaniak_list_hosting_usersinfomaniak_list_mail_hostingsinfomaniak_list_organizationsinfomaniak_list_swiss_backupsinfomaniak_nodejs_app_aliasesinfomaniak_create_hosting_userinfomaniak_delete_hosting_userinfomaniak_list_database_usersinfomaniak_list_teams_and_tagsinfomaniak_provision_site_fullinfomaniak_request_certificateinfomaniak_create_mailbox_aliasinfomaniak_nodejs_app_thumbnailinfomaniak_get_mail_hosting_full