Is Mcp Webpublication Server safe to use?

Mcp Webpublication Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install Mcp Webpublication Server?

Mcp Webpublication Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What AI clients work with Mcp Webpublication Server?

Mcp Webpublication Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and http transport.

Is Mcp Webpublication Server actively maintained?

Mcp Webpublication Server is less actively maintained — last commit was 144 days ago.

Mcp Webpublication Server

Name: Mcp Webpublication Server
Author: alexylon

@modelcontextprotocol/inspector · by alexylon

MCP Webpublication Server

214.2k/wk 5 tools GitHub npm

No known CVEs

No license

Maintained

Last commit 144d ago

Works with most clients

Transport: stdio, http

5 tools · ~460 tok

Grade A · 0.2% of 200K ctx

Edit this pageView history

Writing

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "webpublication": {
      "env": {
        "API_URL": "your_api_url",
        "WP_TOKEN": "your_wp_token",
        "CLIENT_ID": "your_client_id",
        "DRIVE_URL": "your_drive_url"
      },
      "command": "/path/to/mcp-webpublication-server/target/release/mcp-webpublication-server"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/mcp-webpublication-server)](https://mcppedia.org/s/mcp-webpublication-server)

Read me

What Mcp Webpublication Server does

MCP server for Webpublication API - provides access to workspace management, generation, customization, and publication features.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y '@modelcontextprotocol/inspector' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

83/100across 5 weighted dimensions

How we score →

0255075100

−17

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

2 fixed

CVE-2025-58444medium · fixedCVSS 4

MCP Inspector is Vulnerable to Potential Command Execution via XSS When Connecting to an Untrusted MCP Server

An XSS flaw exists in the MCP Inspector local development tool when it renders a redirect URL returned by a remote MCP server. If the Inspector connects to an untrusted server, a crafted redirect can inject script into the Inspector context and, via the built-in proxy, be leveraged to trigger arbitrary command execution on the developer machine. Version 0.16.6 hardens URL handling/validation and prevents script execution. > Thank you to the following researchers for their reports and contributi

Affected: >= 0Fixed in 0.16.6source →

CVE-2025-49596medium · fixedCVSS 4

MCP Inspector proxy server lacks authentication between the Inspector client and proxy

Versions of MCP Inspector below 0.14.1 are vulnerable to remote code execution due to lack of authentication between the Inspector client and proxy, allowing unauthenticated requests to launch MCP commands over stdio. Users should immediately upgrade to version 0.14.1 or later to address these vulnerabilities. Credit: Rémy Marot <bughunters@tenable.com>

Affected: >= 0Fixed in 0.14.1source →

Inventory

Tools (5)

Click any tool to inspect its schema.

~460 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Mcp Webpublication Server safe to use?: Mcp Webpublication Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install Mcp Webpublication Server?: Mcp Webpublication Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Mcp Webpublication Server do?: Mcp Webpublication Server provides 5 tools: get_recent_resources, get_resource, get_publication_settings, toggle_wishlist, get_cover_image. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Mcp Webpublication Server?: Mcp Webpublication Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and http transport.
Is Mcp Webpublication Server actively maintained?: Mcp Webpublication Server is less actively maintained — last commit was 144 days ago.

Similar servers

Others in writing

View all →

Solomd95

A markdown editor — and the bridge to your LLM. Local-first, MIT, ~15 MB. Bundled MCP server lets Claude Code / Codex / Cursor drive your vault directly. 14 AI providers BYOK.

341 4

Prompts.Chat94

f.k.a. Awesome ChatGPT Prompts. Share, discover, and collect prompts from the community. Free and open source — self-host for your organization with complete privacy.

163.0k 1

Sub Agents Mcp93

Define task-specific AI sub-agents in Markdown for any MCP-compatible tool.

83 1

Wechatsync92

一键同步文章到多个内容平台，支持今日头条、WordPress、知乎、简书、掘金、CSDN、typecho各大平台，一次发布，多平台同步发布。解放个人生产力

5.6k 5

MCP Security Weekly

Get CVE alerts and security updates for Mcp Webpublication Server and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Writing

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "webpublication": {
      "env": {
        "API_URL": "your_api_url",
        "WP_TOKEN": "your_wp_token",
        "CLIENT_ID": "your_client_id",
        "DRIVE_URL": "your_drive_url"
      },
      "command": "/path/to/mcp-webpublication-server/target/release/mcp-webpublication-server"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/mcp-webpublication-server)](https://mcppedia.org/s/mcp-webpublication-server)

Read me

What Mcp Webpublication Server does

MCP server for Webpublication API - provides access to workspace management, generation, customization, and publication features.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y '@modelcontextprotocol/inspector' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

README

MCP Webpublication Server

MCP server for Webpublication API - provides access to workspace management, generation, customization, and publication features.

Features

get_recent_resources: Get the last 20 publications
get_resource: Get resource/publication information
get_publication_settings: Get publication settings and configuration
toggle_wishlist: Enable/disable Wishlist
get_cover_image: Get the publication's cover image as bytes and encode it to base64 so the AI can see it
Cookie-based authentication with WP_token
Support for multiple API endpoints (workspaceManagerWs, generationWs, customizationWs, etc.)

Prerequisites

Rust: Install Rust

Quick Start

Copy .env.example to .env and add your credentials (environment variables needed for testing with the MCP Inspector):

API_URL=your_api_url
DRIVE_URL=your_drive_url
CLIENT_ID=your_client_id
WP_TOKEN=your_wp_token

Build release:

cargo build --release

The resulting binary executable can be found at /path/to/mcp-webpublication-server/target/release/mcp-webpublication-server

Usage

Testing with MCP Inspector

Run at the project's root

npx @modelcontextprotocol/inspector cargo run
# or
npx @modelcontextprotocol/inspector ./target/release/mcp-webpublication-server

Open http://127.0.0.1:6274 and test tools.

Using Claude

Configure the MCP Web Publication server for either Claude Desktop or the Claude CLI.

Claude Desktop

Add the snippet below to your Claude Desktop config file:

macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
Windows: %APPDATA%\Claude\claude_desktop_config.json

Claude CLI

At the root of your project, add the same snippet to .mcp.json.

{
  "mcpServers": {
    "webpublication": {
      "command": "/path/to/mcp-webpublication-server/target/release/mcp-webpublication-server",
      "env": {
        "API_URL": "your_api_url",
        "DRIVE_URL": "your_drive_url",
        "CLIENT_ID": "your_client_id",
        "WP_TOKEN": "your_wp_token"
      }
    }
  }
}

Tools

get_recent_resources

Input: None
Output: Returns the 20 most recent publications with their globalId and label (name)
Usage: Use this first to find a publication's globalId when not provided by the user

get_resource

Input: resource_gid (number, e.g., 2473843)
Output: Detailed resource/publication information with metadata
Note: Month values are zero-based. Add 1 to get the calendar month (e.g., 5 = June)

get_publication_settings

Input: resource_gid (number, e.g., 2473843)
Output: Publication settings and configuration details including wishlistEnabled and coverImage.relUrl

toggle_wishlist

Input:
- publication_gid (number, e.g., 2473843)
- wishlist_enabled (boolean: true/false)
Output: Updated publication settings with new wishlist status
Note: Check current status via get_publication_settings -> wishlistEnabled

get_cover_image

Input: rel_url (string) - obtained from get_publication_settings -> coverImage.relUrl
Output: Cover image as base64-encoded image data

Resources

MCP Rust SDK

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

83/100across 5 weighted dimensions

How we score →

0255075100

−17

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

2 fixed

CVE-2025-58444medium · fixedCVSS 4

MCP Inspector is Vulnerable to Potential Command Execution via XSS When Connecting to an Untrusted MCP Server

Affected: >= 0Fixed in 0.16.6source →

CVE-2025-49596medium · fixedCVSS 4

MCP Inspector proxy server lacks authentication between the Inspector client and proxy

Affected: >= 0Fixed in 0.14.1source →

Inventory

Tools (5)

Click any tool to inspect its schema.

~460 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Mcp Webpublication Server safe to use?: Mcp Webpublication Server has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install Mcp Webpublication Server?: Mcp Webpublication Server supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Mcp Webpublication Server do?: Mcp Webpublication Server provides 5 tools: get_recent_resources, get_resource, get_publication_settings, toggle_wishlist, get_cover_image. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Mcp Webpublication Server?: Mcp Webpublication Server is compatible with claude-desktop, cursor, claude-code. It uses stdio and http transport.
Is Mcp Webpublication Server actively maintained?: Mcp Webpublication Server is less actively maintained — last commit was 144 days ago.

Similar servers

Others in writing

View all →

Solomd95

A markdown editor — and the bridge to your LLM. Local-first, MIT, ~15 MB. Bundled MCP server lets Claude Code / Codex / Cursor drive your vault directly. 14 AI providers BYOK.

341 4

Prompts.Chat94

f.k.a. Awesome ChatGPT Prompts. Share, discover, and collect prompts from the community. Free and open source — self-host for your organization with complete privacy.

163.0k 1

Sub Agents Mcp93

Define task-specific AI sub-agents in Markdown for any MCP-compatible tool.

83 1

Wechatsync92

一键同步文章到多个内容平台，支持今日头条、WordPress、知乎、简书、掘金、CSDN、typecho各大平台，一次发布，多平台同步发布。解放个人生产力

5.6k 5

MCP Security Weekly

Get CVE alerts and security updates for Mcp Webpublication Server and similar servers.

Community