Overall

mcp-server-notion

🔌 MCP Server

node-canaries

Security research canary — not for production use. Part of an authorized bug bounty research project. · Transport: stdio

v0.0.2

Medium Risk6.3/10

Scanned June 2, 2026

Risk Flags

Developer identity is not verified by the platform

Runs code automatically during installation (install scripts detected)

3.0

Permissions

6.0

Developer

10.0

Data Privacy

7.0

Policy Match

Permissions (2)

Runs code automatically after npm install: node index.js

script:postinstall

High

Does not use the official MCP SDK — custom protocol implementation

mcp:no-official-sdk

High

Developer

Namenode-canaries

Verified PublisherUnverified

Known EntityNot recognized

Websitehttps://github.com/theinfosecguy/npx-canary#readme

Contactreacher.dev@proton.me

Data Flows

No external data transmission detected

This tool does not appear to send data to external servers.

Privacy Policy Analysis

Policy Status

No policy found

Policy matches observed behavior

Alternatives to Consider

@modelcontextprotocol/server-redis

0 permissions

9.4

@modelcontextprotocol/server-slack

0 permissions

9.3

@modelcontextprotocol/server-gdrive

0 permissions

9.3

@modelcontextprotocol/server-sequential-thinking

0 permissions

9.3

@modelcontextprotocol/server-memory

0 permissions

9.3

Know what your tools are really doing.

Scan your own tools Browse Catalog

SamuAI

mcp-server-notion

Risk Flags

Permissions (2)

Developer

Data Flows

Privacy Policy Analysis

Alternatives to Consider

Embed Score Badge