Ckan Mcp Server

Name: Ckan Mcp Server
Rating: 1.3 (1 reviews)
Author: aborruso

MCP server for interacting with CKAN open data portals

UnknownNot tested

Other

npm

25No CVEsunknown

Quick Install

{
  "mcpServers": {
    "ckan-mcp-server": {
      "command": "npx",
      "args": [
        "-y",
        "@aborruso/ckan-mcp-server"
      ]
    }
  }
}

Setup guide

Auto-generated from package name. Add to your client's MCP config file.

Should you use this server?

MCP server for interacting with CKAN open data portals

✓

Is it safe?

No known CVEs for @aborruso/ckan-mcp-server. 1 previously resolved.

No authentication — any process on your machine can connect.

License not specified.

Is it maintained?

Commit history unknown.

Will it work with my client?

Transport: stdio. Works with Claude Desktop, Cursor, Claude Code, and most MCP clients.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y @aborruso/ckan-mcp-server 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

Help improve this page

This server is missing a description. Tools and install config are also missing.If you've used it, help the community.

Add information

Score Breakdown

MCPpedia Score

Click each category to see evidence

25D

Last scored just now

How we score →

Security

20/30

No open vulnerabilities. 1 fixed CVE.

✓

Known CVEs — No known CVEs for @aborruso/ckan-mcp-servercheck OSV.dev

○

Tool safety — No tools to analyze

○

Tool poisoning — No tools to analyze

○

Injection vectors — No tools to analyze

✓

Tool stability

— Tool definitions stable

○

Dependency health — found on deps.dev, recently updated

✗

License — No license specified

○

Authentication — No authentication required

○

Repository — active repo

Advisories (0 open, 1 fixed)

lowCVSS 3.1CVE-2026-33060Fixed

SSRF in @aborruso/ckan-mcp-server via base_url allows access to internal networks

## Summary The `@aborruso/ckan-mcp-server` MCP server provides tools including `ckan_package_search` and `sparql_query` that accept a `base_url` parameter, making HTTP requests to arbitrary endpoints without restriction. A CKAN portal client has no legitimate reason to contact cloud metadata or internal network services. ## Severity Attack complexity is HIGH because exploitation requires prompt injection via malicious content (webpage, document) while the victim's AI assistant has this MCP se

Affected: >= 0Fixed in 0.4.85Published Mar 18, 2026source \u2192

CVEs checked daily via OSV.dev. Score algorithm is open source.

Embed this score in your READMEPreview badge

[![MCPpedia Score](https://mcppedia.org/api/badge/ckan-mcp-server)](https://mcppedia.org/s/ckan-mcp-server)

Reviews

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?