Config is the same across clients — only the file and path differ.
{
"mcpServers": {
"resend": {
"env": {
"RESEND_API_KEY": "re_xxxxxxxxx"
},
"args": [
"-y",
"resend-mcp"
],
"command": "npx"
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
An MCP server for the Resend platform. Send and receive emails, manage contacts, broadcasts, domains, and more — directly from any MCP client like Claude Desktop, Cursor, or Claude Code.
Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.
npx -y 'pnpm' 2>&1 | head -1 && echo "✓ Server started successfully"
After testing, let us know if it worked:
Five weighted categories — click any category to see the underlying evidence.
pnpm: Path traversal in configDependencies env lockfile allows symlink creation outside node_modules/.pnpm-config
## Summary `pnpm` accepts package names from the env lockfile `configDependencies` section and uses those names directly when creating config dependency symlinks under `node_modules/.pnpm-config`. A malicious repository can commit a crafted `pnpm-lock.yaml` whose env-lockfile document contains a traversal-shaped config dependency name such as `../../PWNED_CFGDEP`. During `pnpm install`, pnpm installs the config dependency and creates a symlink at a path derived from that name. In local testin
pnpm: Path traversal in configDependencies env lockfile allows symlink creation outside node_modules/.pnpm-config
## Summary `pnpm` accepts package names from the env lockfile `configDependencies` section and uses those names directly when creating config dependency symlinks under `node_modules/.pnpm-config`. A malicious repository can commit a crafted `pnpm-lock.yaml` whose env-lockfile document contains a traversal-shaped config dependency name such as `../../PWNED_CFGDEP`. During `pnpm install`, pnpm installs the config dependency and creates a symlink at a path derived from that name. In local testin
pnpm: `patch-remove` could delete project-selected files outside the patches directory
## Summary The `patch-remove` deletion-scope issue tracked as GHSA-72r4-9c5j-mj57 / CAND-PNPM-030 has been addressed in pnpm. A crafted patch entry could resolve outside the configured patches directory and cause `pnpm patch-remove` to delete an arbitrary reachable file. This patch validates the configured directory and every resolved target before unlinking anything, then deletes the final directory entry without following it. ## Security boundary - Traversal and absolute paths that resolve
pnpm: `patch-remove` could delete project-selected files outside the patches directory
## Summary The `patch-remove` deletion-scope issue tracked as GHSA-72r4-9c5j-mj57 / CAND-PNPM-030 has been addressed in pnpm. A crafted patch entry could resolve outside the configured patches directory and cause `pnpm patch-remove` to delete an arbitrary reachable file. This patch validates the configured directory and every resolved target before unlinking anything, then deletes the final directory entry without following it. ## Security boundary - Traversal and absolute paths that resolve
pnpm: Hoisted install imports lockfile alias outside node_modules
## Summary The hoisted dependency alias issue tracked as GHSA-fr4h-3cph-29xv / CAND-PNPM-059 has been addressed in both pnpm and pacquet. A crafted lockfile alias could be joined directly under a hoisted `node_modules` directory. Traversal aliases could escape that directory, while reserved aliases such as `.bin` or `.pnpm` could overwrite pnpm-owned layout. This patch validates package-name semantics and path containment before graph insertion or filesystem work. ## Security boundary - The
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
Sign in to write a review.
Others in communication
Asynchronous coordination layer for AI coding agents: identities, inboxes, searchable threads, and advisory file leases over FastMCP + Git + SQLite
PubNub Model Context Protocol MCP Server for Cursor and Claude
Social layer for Claude Code - DMs, presence, discovery, and games between AI-assisted developers
MCP server for Voximplant API — call history, users, SMS. 3 tools.
MCP Security Weekly
Get CVE alerts and security updates for Resend Mcp and similar servers.
Start a conversation
Ask a question, share a tip, or report an issue.
Sign in to join the discussion.