6.3
mcp-server-notion
🔌 MCP Servernode-canaries
Security research canary — not for production use. Part of an authorized bug bounty research project. · Transport: stdio
v0.0.2
Medium Risk6.3/10
Scanned June 2, 2026
·Risk Flags
Developer identity is not verified by the platform
Runs code automatically during installation (install scripts detected)
3.0
Permissions
6.0
Developer
10.0
Data Privacy
7.0
Policy Match
Permissions (2)
Runs code automatically after npm install: node index.js
script:postinstall
Does not use the official MCP SDK — custom protocol implementation
mcp:no-official-sdk
Developer
Namenode-canaries
Verified PublisherUnverified
Known EntityNot recognized
Websitehttps://github.com/theinfosecguy/npx-canary#readme
Contactreacher.dev@proton.me
Data Flows
No external data transmission detected
This tool does not appear to send data to external servers.
Privacy Policy Analysis
Policy Status
No policy found
Policy matches observed behavior
Higher-Scored Alternatives
Other MCP Servers with stronger security profiles
9.4
@modelcontextprotocol/server-redis
MCP server for using Redis · Transport: stdio/sse
9.4/10+3.1 vs this tool
9.3
@modelcontextprotocol/server-slack
MCP server for interacting with Slack · Transport: stdio/sse
9.3/10+3.0 vs this tool
9.3
@modelcontextprotocol/server-gdrive
MCP server for interacting with Google Drive · Transport: stdio/sse
9.3/10+3.0 vs this tool
9.3
@modelcontextprotocol/server-sequential-thinking
MCP server for sequential thinking and problem solving · Transport: stdio/sse
9.3/10+3.0 vs this tool
Know what your tools are really doing.