Is Plugin Replace safe to use?

Plugin Replace has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install Plugin Replace?

Plugin Replace supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

Is Plugin Replace actively maintained?

Plugin Replace is actively maintained — last commit was 27 days ago. It has 3,752 GitHub stars.

Plugin Replace

Replace strings in files while bundling

ActiveNot tested

Other

★ 3.8k↓ 9640.5k/wknpm GitHub

57CNo CVEsactive

Quick Install

{
  "mcpServers": {
    "plugin-replace": {
      "args": [
        "-y",
        "@rollup/plugin-replace"
      ],
      "command": "npx"
    }
  }
}

Setup guide

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/plugin-replace)](https://mcppedia.org/s/plugin-replace)

Should you use this server?

[cover]: https://codecov.io/gh/rollup/plugins/branch/master/graph/badge.svg [cover-url]: https://codecov.io/gh/rollup/plugins [discord]: https://img.shields.io/discord/466787075518365708?color=778cd1&label=chat [discord-url]: https://is.gd/rollup_chat [tests]: https://img.shields.io/circleci/project/github/rollup/plugins.svg [tests-url]: https://circleci.com/gh/rollup/plugins

✓

Is it safe?

No known CVEs for @rollup/plugin-replace.

No authentication — any process on your machine can connect.

License not specified.

✓

Is it maintained?

Last commit 27 days ago. 3,752 stars. 9,640,460 weekly downloads.

Will it work with my client?

Transport: sse. Compatibility not confirmed.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y '@rollup/plugin-replace' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

Score Breakdown

MCPpedia Score

Click each category to see evidence

57C

Last scored 1h ago

How we score →

Security

20/30

No known vulnerabilities.

✓

Known CVEs — No known CVEs for @rollup/plugin-replacecheck OSV.dev

○

Tool safety — No tools to analyze

○

Tool poisoning — No tools to analyze

○

Injection vectors — No tools to analyze

✓

Tool stability — Tool definitions stable

○

Dependency health — found on deps.dev, recently updated

✗

License — No license specified

○

Authentication

Plugin Replace

Quick Install

Should you use this server?

Test This Server

Score Breakdown

MCPpedia Score

Security

Reviews

Frequently Asked Questions

Similar servers

Memory MCP Server

Context Mode

Idea Reality MCP Server

Browser Tools Mcp

Discussion