Is Mcp_massive safe to use?

Mcp_massive has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under MIT.

How do I install Mcp_massive?

Mcp_massive supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What AI clients work with Mcp_massive?

Mcp_massive is compatible with Claude Desktop, Cursor, Claude Code, and most MCP clients that support stdio transport. It uses stdio and sse and http transport.

Is Mcp_massive actively maintained?

Mcp_massive is actively maintained — last commit was 0 days ago. It has 293 GitHub stars.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/mcp-massive)](https://mcppedia.org/s/mcp-massive)

✓

Is it safe?

No known CVEs for @anthropic-ai/claude-code. 22 previously resolved.

No authentication — any process on your machine can connect.

MIT. View license →

✓

Is it maintained?

Last commit 0 days ago. 293 stars. 10,155,133 weekly downloads.

Will it work with my client?

Transport: stdio, sse, http. Works with Claude Desktop, Cursor, Claude Code, and most MCP clients.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y '@anthropic-ai/claude-code' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

MCPpedia Score

Click each category to see evidence

67B

Last scored just now

How we score →

Security

23/30

No open vulnerabilities. 22 fixed CVEs.

✓

Known CVEs — No known CVEs for @anthropic-ai/claude-codecheck OSV.dev

○

Tool safety — No tools to analyze

○

Tool poisoning — No tools to analyze

○

Injection vectors — No tools to analyze

✓

Tool stability — Tool definitions stable

○

Dependency health — found on deps.dev, recently updated

✓

License — License: MIT

○

Authentication — No authentication required

○

Repository — active repo

Advisories (0 open, 22 fixed)

mediumCVSS 4CVE-2026-33068Fixed

Claude Code has a Workspace Trust Dialog Bypass via Repo-Controlled Settings File

Claude Code resolved the permission mode from settings files, including the repo-controlled `.claude/settings.json`, before determining whether to display the workspace trust confirmation dialog. A malicious repository could set `permissions.defaultMode` to `bypassPermissions` in its committed `.claude/settings.json`, causing the trust dialog to be silently skipped on first open. This allowed a user to be placed into a permissive mode without seeing the trust confirmation prompt, making it easie

Affected: >= 0Fixed in 2.1.53Published Mar 19, 2026source \u2192

mediumCVSS 4CVE-2026-25725Fixed

Claude Code has Sandbox Escape via Persistent Configuration Injection in settings.json

Claude Code's bubblewrap sandboxing mechanism failed to properly protect the .claude/settings.json configuration file when it did not exist at startup. While the parent directory was mounted as writable and .claude/settings.local.json was explicitly protected with read-only constraints, settings.json was not protected if it was missing. This allowed malicious code running inside the sandbox to create this file and inject persistent hooks (such as SessionStart commands) that would execute with ho

Affected: >= 0Fixed in 2.1.2Published Feb 6, 2026source \u2192

CVEs checked daily via OSV.dev. Score algorithm is open source.

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

MCP Security Weekly

Get CVE alerts and security updates for Mcp_massive and similar servers.

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

mediumCVSS 4CVE-2026-25724Fixed

Claude Code has Permission Deny Bypass Through Symbolic Links

Claude Code failed to strictly enforce deny rules configured in settings.json when accessing files through symbolic links. If a user explicitly denied Claude Code access to a file (such as /etc/passwd) and Claude Code had access to a symbolic link pointing to that file, it was possible for Claude Code to read the restricted file through the symlink without triggering deny rule enforcement. Users on standard Claude Code auto-update received this fix automatically. Users performing manual update

Affected: >= 0Fixed in 2.1.7Published Feb 6, 2026source \u2192

mediumCVSS 4CVE-2026-25723Fixed

Claude Code Vulnerable to Command Injection via Piped sed Command Bypasses File Write Restrictions

Claude Code failed to properly validate commands using piped sed operations with the echo command, allowing attackers to bypass file write restrictions. This vulnerability enabled writing to sensitive directories like the .claude folder and paths outside the project scope. Exploiting this required the ability to execute commands through Claude Code with the "accept edits" feature enabled. Users on standard Claude Code auto-update received this fix automatically. Users performing manual updates

Affected: >= 0Fixed in 2.0.55Published Feb 6, 2026source \u2192

mediumCVSS 4CVE-2026-25722Fixed

Claude Code Vulnerable to Command Injection via Directory Change Bypasses Write Protection

Claude Code failed to properly validate directory changes when combined with write operations to protected folders. By using the `cd` command to navigate into sensitive directories like `.claude`, it was possible to bypass write protection and create or modify files without user confirmation. Reliably exploiting this required the ability to add untrusted content into a Claude Code context window. Users on standard Claude Code auto-update received this fix automatically. Users performing manual

Affected: >= 0Fixed in 2.0.57Published Feb 6, 2026source \u2192

mediumCVSS 4CVE-2026-24887Fixed

Claude Code has a Command Injection in find Command Bypasses User Approval Prompt

Due to an error in command parsing, it was possible to bypass the Claude Code confirmation prompt to trigger execution of untrusted commands through the find command. Reliably exploiting this required the ability to add untrusted content into a Claude Code context window. Users on standard Claude Code auto-update have received this fix already. Users performing manual updates are advised to update to the latest version. Claude Code thanks https://hackerone.com/alexbernier for reporting this i

Affected: >= 0Fixed in 2.0.72Published Feb 3, 2026source \u2192

mediumCVSS 4CVE-2026-24053Fixed

Claude Code has a Path Restriction Bypass via ZSH Clobber which Allows Arbitrary File Writes

Due to a Bash command validation flaw in parsing ZSH clobber syntax, it was possible to bypass directory restrictions and write files outside the current working directory without user permission prompts. Exploiting this required the user to use ZSH and the ability to add untrusted content into a Claude Code context window. Users on standard Claude Code auto-update have received this fix already. Users performing manual updates are advised to update to the latest version. Claude Code thanks h

Affected: >= 0Fixed in 2.0.74Published Feb 3, 2026source \u2192

mediumCVSS 4CVE-2026-24052Fixed

Claude Code has a Domain Validation Bypass which Allows Automatic Requests to Attacker-Controlled Domains

Claude Code contained insufficient URL validation in its trusted domain verification mechanism for WebFetch requests. The application used a `startsWith()` function to validate trusted domains (e.g., `docs.python.org`, `modelcontextprotocol.io`), this could have enabled attackers to register domains like `modelcontextprotocol.io.example.com` that would pass validation. This could enable automatic requests to attacker-controlled domains without user consent, potentially leading to data exfiltrati

Affected: >= 0Fixed in 1.0.111Published Feb 3, 2026source \u2192

mediumCVSS 4CVE-2026-21852Fixed

Claude Code Leaks Data via Malicious Environment Configuration Before Trust Confirmation

A vulnerability in Claude Code's project-load flow allowed malicious repositories to exfiltrate data including Anthropic API keys before users confirmed trust. If a user started Claude Code in an attacker-controller repository, and the repository included a settings file that set ANTHROPIC_BASE_URL to an attacker-controlled endpoint, Claude Code would issue API requests before showing the trust prompt, including potentially leaking the user's API keys. Users on standard Claude Code auto-update

Affected: >= 0Fixed in 2.0.65Published Jan 21, 2026source \u2192

mediumCVSS 4CVE-2025-66032Fixed

Claude Code Command Validation Bypass Allows Arbitrary Code Execution

Due to errors in parsing shell commands related to $IFS and short CLI flags, it was possible to bypass the Claude Code read-only validation and trigger arbitrary code execution. Reliably exploiting this requires the ability to add untrusted content into a Claude Code context window. Users on standard Claude Code auto-update have received this fix already. Users performing manual updates are advised to update to the latest version. Thank you to [RyotaK](hxxps://ryotak.net) from [GMO Flatt Secur

Affected: >= 0Fixed in 1.0.93Published Dec 3, 2025source \u2192

mediumCVSS 4CVE-2025-64755Fixed

@anthropic-ai/claude-code has Sed Command Validation Bypass that Allows Arbitrary File Writes

Due to an error in sed command parsing, it was possible to bypass the Claude Code read-only validation and write to arbitrary files on the host system. Users on standard Claude Code auto-update will have received this fix automatically. Users performing manual updates are advised to update to the latest version. Thank you to Adam Chester - SpecterOps for reporting this issue!

Affected: >= 0Fixed in 2.0.31Published Nov 20, 2025source \u2192

mediumCVSS 4CVE-2025-65099Fixed

Claude Code vulnerable to command execution prior to startup trust dialog

When using Claude Code with Yarn installed, Yarn config files can trigger code execution when running yarn --version. This could lead to a bypass of the directory trust dialog in Claude Code, as plugins and yarnPath could be executed prior to the user accepting the risks of working in an untrusted directory. Users on standard Claude Code auto-update will have received this fix automatically. Users performing manual updates are advised to update to the latest version. Thank you to Benjamin Falle

Affected: >= 0Fixed in 1.0.39Published Nov 19, 2025source \u2192

mediumCVSS 4CVE-2025-59829Fixed

Claude Code permission deny bypass through symlink

Claude Code failed to account for symlinks when checking permission deny rules. If a user explicitly denied Claude Code access to a file and Claude Code had access to a symlink pointing to that file, it was possible for Claude Code to access the file. Users on standard Claude Code auto-update will have received this fix automatically. Users performing manual updates are advised to update to the latest version. Thank you to https://hackerone.com/vinai for reporting this issue!

Affected: >= 0Fixed in 1.0.120Published Oct 3, 2025source \u2192

mediumCVSS 4CVE-2025-59536Fixed

Claude Code can execute commands prior to the startup trust dialog

Due to a bug in the startup trust dialog implementation, Claude Code could be tricked to execute code contained in a project before the user accepted the startup trust dialog. Exploiting this requires a user to start Claude Code in an untrusted directory. Users on standard Claude Code auto-update will have received this fix automatically. Users performing manual updates are advised to update to the latest version. Thank you to https://hackerone.com/avivdon for reporting this issue!

Affected: >= 0Fixed in 1.0.111Published Oct 3, 2025source \u2192

mediumCVSS 4CVE-2025-59828Fixed

Claude Code Vulnerable to Arbitrary Code Execution via Plugin Autoloading with Specific Yarn Versions

When using Claude Code with Yarn installed, Yarn config files can trigger code execution when running `yarn --version`. This could lead to a bypass of the directory trust dialog in Claude Code, as plugins and `yarnPath` could be executed prior to the user accepting the risks of working in an untrusted directory. Users on standard Claude Code auto-update will have received this fix automatically. Users performing manual updates are advised to update to the latest version. Thank you to Benjamin F

Affected: >= 0Fixed in 1.0.39Published Sep 24, 2025source \u2192

mediumCVSS 4CVE-2025-59041Fixed

Claude Code vulnerable to arbitrary code execution caused by maliciously configured git email

At startup, Claude Code constructed a shell command that interpolated the value of `git config user.email` from the current workspace. If an attacker controlled the repository’s Git config (e.g., via a malicious `.git/config`) and set `user.email` to a crafted payload, the unescaped interpolation could trigger arbitrary command execution **before** the user accepted the workspace-trust dialog. The issue affects versions prior to `1.0.105`. The fix in `1.0.105` avoids executing commands built fro

Affected: >= 0Fixed in 1.0.105Published Sep 10, 2025source \u2192

mediumCVSS 4CVE-2025-58764Fixed

Claude Code rg vulnerability does not protect against approval prompt bypass

Due to an error in command parsing, it was possible to bypass the Claude Code confirmation prompt to trigger execution of an untrusted command. Reliably exploiting this requires the ability to add untrusted content into a Claude Code context window. Users on standard Claude Code auto-update will have received this fix automatically. Users performing manual updates are advised to update to the latest version. Thank you to the NVIDIA AI Red Team for reporting this issue!

Affected: >= 0Fixed in 1.0.105Published Sep 10, 2025source \u2192

mediumCVSS 4GHSA-ph6w-f82w-28w6Fixed

Claude Code Vulnerable to Arbitrary Code Execution Due to Insufficient Startup Warning

When Claude Code was started in a new directory, it displayed a warning asking, "Do you trust the files in this folder?". This warning did not properly document that selecting "Yes, proceed" would allow Claude Code to execute files in the folder without additional confirmation. This may not have been clear to a user so we have updated the warning to clarify this functionality. Users on standard Claude Code auto-update will have received this fix automatically. Users performing manual updates a

Affected: >= 0Fixed in 1.0.87Published Sep 3, 2025source \u2192

mediumCVSS 4CVE-2025-55284Fixed

Claude Code's Permissive Default Allowlist Enables Unauthorized File Read and Network Exfiltration in Claude Code

Due to an overly broad allowlist of safe commands, it was possible to bypass the Claude Code confirmation prompts to read a file and then send file contents over the network without user confirmation. Reliably exploiting this requires the ability to add untrusted content into a Claude Code context window. Users on standard Claude Code auto-update received this fix automatically after release. Current users of Claude Code are unaffected, as versions prior to 1.0.24 are deprecated and have been

Affected: >= 0Fixed in 1.0.4Published Aug 18, 2025source \u2192

mediumCVSS 4CVE-2025-54795Fixed

Claude Code echo command allowed bypass of user approval prompt for command execution

Due to an error in command parsing, it was possible to bypass the Claude Code confirmation prompt to trigger execution of an untrusted command. Reliably exploiting this requires the ability to add untrusted content into a Claude Code context window. Users on standard Claude Code auto-update received this fix automatically after release. Current users of Claude Code are unaffected, as versions prior to 1.0.24 are deprecated and have been forced to update. Thank you to Elad Beber (Cymulate) for

Affected: >= 0Fixed in 1.0.20Published Aug 4, 2025source \u2192

mediumCVSS 4CVE-2025-54794Fixed

Claude Code Research Preview has a Path Restriction Bypass which could allow unauthorized file access

Due to a path validation flaw using prefix matching instead of canonical path comparison, it was possible to bypass directory restrictions and access files outside the CWD. Successful exploitation depends on the presence of (or ability to create) a directory with the same prefix as the CWD and the ability to add untrusted content into a Claude Code context window. Users on standard Claude Code auto-update received this fix automatically after release. Current users of Claude Code are unaffecte

Affected: >= 0Fixed in 0.2.111Published Aug 4, 2025source \u2192

mediumCVSS 4CVE-2025-52882Fixed

Claude Code Improper Authorization via websocket connections from arbitrary origins

Claude Code extensions in VSCode and forks (e.g., Cursor, Windsurf, and VSCodium) and JetBrains IDEs (e.g., IntelliJ, Pycharm, and Android Studio) are vulnerable to unauthorized websocket connections from an attacker when visiting attacker-controlled webpages. Claude Code for VSCode IDE extensions versions 0.2.116 through 1.0.23 are vulnerable. For Jetbrains IDE plugins, Claude Code [beta] versions 0.1.1 through 0.1.8 are vulnerable. In VSCode (and forks), exploitation would allow an attacker

Affected: >= 0.2.116Fixed in 1.0.24Published Jun 23, 2025source \u2192

[!IMPORTANT] :test_tube: This project is experimental and could be subject to breaking changes.

Massive.com MCP Server

A Model Context Protocol (MCP) server that provides access to the full Massive.com financial data API through an LLM-friendly interface.

Rather than exposing one tool per endpoint, this server gives the LLM four composable tools — search, docs, call, and query — that cover the entire Massive.com API surface. Data can be stored in-memory as DataFrames, queried with SQL, and enriched with built-in financial functions.

Tools

| Tool | Description | |---|---| | search_endpoints | Search for API endpoints and built-in functions by natural language query. Returns names, URL patterns, and descriptions. Supports scoping to endpoints, functions, or all. | | get_endpoint_docs | Get parameter documentation for a specific endpoint. Pass the docs URL from search_endpoints results. | | call_api | Call any Massive.com REST API endpoint. Supports storing results as an in-memory DataFrame (store_as) and applying post-processing functions (apply). Paginated responses include a next-page hint. | | query_data | Run SQL against stored DataFrames using SQLite. Supports SHOW TABLES, DESCRIBE <table>, DROP TABLE <table>, CTEs, window functions, and more. Results can also be post-processed with apply. |

Built-in Functions

Functions can be applied to API results or query output via the apply parameter on call_api and query_data. Use search_endpoints with scope="functions" to discover them.

| Category | Functions | |---|---| | Greeks | bs_price, bs_delta, bs_gamma, bs_theta, bs_vega, bs_rho — Black-Scholes option pricing and greeks | | Returns | simple_return, log_return, cumulative_return, sharpe_ratio, sortino_ratio | | Technical | sma (simple moving average), ema (exponential moving average) |

Data Coverage

The server dynamically indexes all Massive.com API endpoints at startup from llms.txt, so it automatically stays in sync with the API. Coverage includes:

Stock, options, forex, crypto, and futures aggregates
Real-time and historical trades and quotes
Market snapshots, gainers/losers
Ticker details and reference data
Dividends, splits, IPOs
Financial fundamentals
Analyst ratings and news (Benzinga)
Treasury yields, inflation data
Market status and holidays

Installation

Prerequisites

Python 3.12+
A Massive.com API key
[![Button]][Link]
Astral UV (v0.4.0+)

Claude Code

First, install Claude Code

npm install -g @anthropic-ai/claude-code

Install the MCP server, then register it with Claude Code:

# Install the server (one-time — downloads dependencies ahead of time)
uv tool install "mcp_massive @ git+https://github.com/massive-com/mcp_massive@v0.8.8"

# Register with Claude Code
claude mcp add massive -e MASSIVE_API_KEY=your_api_key_here -- mcp_massive

To upgrade to a new version later:

uv tool upgrade mcp_massive

[!NOTE] Upgrading from uvx or uv run --with? Previous versions recommended uvx --from ... mcp_massive or `

... View full README on GitHub

Mcp_massive

Quick Install

Should you use this server?

Test This Server

Score Breakdown

MCPpedia Score

Security

Advisories (0 open, 22 fixed)

Reviews

Frequently Asked Questions

Similar servers

Alpha Vantage Mcp

io.github.theYahia/robokassa-mcp

io.github.imbenrabi/financial-modeling-prep-mcp-server

Clawpay MCP Server

Discussion