Tailscale Mcp Echo

Name: Tailscale Mcp Echo
Author: remyguercio

mcp-remote · by remyguercio

Identity aware MCP server example using Tailscale serve.

24 349.7k/wk 1 tool GitHub npm

No known CVEs

BSD-3-Clause license

Stale

Last commit 340d ago

Works with most clients

Transport: stdio, sse, http

1 tool · ~48 tok

Grade A · 0.0% of 200K ctx

Edit this pageView history

Security DevOps

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "tailscale-mcp-echo": {
      "args": [
        "mcp-remote",
        "https://ts-mcp-echo.yourtailnetname.ts.net/mcp"
      ],
      "command": "npx"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/tailscale-mcp-echo)](https://mcppedia.org/s/tailscale-mcp-echo)

Read me

What Tailscale Mcp Echo does

Create an identiy aware MCP server that runs inside your private Tailscale network (Tailnet). This example leverages identity headers that are passed through to applications running behind tailscale serve.

Test This Server

Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.

npx -y 'mcp-remote' 2>&1 | head -1 && echo "✓ Server started successfully"

After testing, let us know if it worked:

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

83/100across 5 weighted dimensions

How we score →

0255075100

−17

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

1 fixed

CVE-2025-6514low · fixedCVSS 3.1

mcp-remote exposed to OS command injection via untrusted MCP server connections

mcp-remote is exposed to OS command injection when connecting to untrusted MCP servers due to crafted input from the authorization_endpoint response URL

Affected: >= 0.0.5Fixed in 0.1.16source →

Inventory

Tools (1)

Click any tool to inspect its schema.

~48 tokens total

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Tailscale Mcp Echo safe to use?: Tailscale Mcp Echo has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under BSD-3-Clause.
How do I install Tailscale Mcp Echo?: Tailscale Mcp Echo supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Tailscale Mcp Echo do?: Tailscale Mcp Echo provides 1 tool: greet. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Tailscale Mcp Echo?: Tailscale Mcp Echo is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is Tailscale Mcp Echo actively maintained?: Tailscale Mcp Echo is less actively maintained — last commit was 340 days ago. It has 24 GitHub stars.

Similar servers

Others in security / devops

View all →

Mcp Gitlab96

MCP server for using the GitLab API

1.6k 12

Evil Mcp Server93

An evil MCP server used for redteam testing

30 1

io.github.jasonxkensei/xproof92

Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.

1 1

Mcp Gitlab Server92

Enhanced MCP server for GitLab: group projects listing and activity tracking

51 2

MCP Security Weekly

Get CVE alerts and security updates for Tailscale Mcp Echo and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Identity Aware MCP Server for Tailscale

Using this as starting point you can create MCP servers that are identity aware (with access to the logged in user's email) and can access internal APIs or services on thier behalf.

Instructions

Starting the Server

If you don't already have a Tailnet setup you'll need to signup for one.

Create an API auth key and save it into a .env file in the root of this project with the following format: TS_AUTHKEY=tskey-auth-...

With Docker already installed, run docker compose up to start the server.

This will spin up two containers. The MCP server and a Tailscale container running tailscale serve as a proxy to your tailnet.

Using the Server

If you have an MCP Client that supports direct access to Streaming HTTP MCP servers, then you should be able to connect to the server by pointing it to https://ts-mcp-echo.yourtailnetname.ts.net/mcp.

Claude Desktop

Claude desktop does not currently support remote MCP servers (only stdio), but you can use the mcp-remote tool (or any other proxy) to connect to it.

Install mcp-remote with npm install -g mcp-remote

Add the following configuration to your claude_desktop_config.json file:

    {
        "mcpServers": {
            "tailscale-remote-echo-example": {
                "command": "npx",
                "args": [
                    "mcp-remote",
                    "https://ts-mcp-echo.yourtailnetname.ts.net/mcp"
                ]
            }
        }
    }

You can find your tailnet name by visiting the Tailscale admin console DNS page.

Restart Claude Desktop.

You should now see a new MCP server called tailscale-remote-echo-example with a greet tool.

Ask Claude Who am I logged into my tailnet as? allow the tool, and wait for the response!

Frequently Asked Questions

Is Tailscale Mcp Echo safe to use?

Tailscale Mcp Echo has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments. Licensed under BSD-3-Clause.

How do I install Tailscale Mcp Echo?

Tailscale Mcp Echo supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What can Tailscale Mcp Echo do?

Tailscale Mcp Echo provides 1 tool: greet. See the full tools list on the server page for descriptions and parameters.

What AI clients work with Tailscale Mcp Echo?

Tailscale Mcp Echo is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.

Is Tailscale Mcp Echo actively maintained?

Tailscale Mcp Echo is less actively maintained — last commit was 340 days ago. It has 24 GitHub stars.

Identity Aware MCP Server for Tailscale

Using this as starting point you can create MCP servers that are identity aware (with access to the logged in user's email) and can access internal APIs or services on thier behalf.

Instructions

Starting the Server

If you don't already have a Tailnet setup you'll need to signup for one.
Create an API auth key and save it into a .env file in the root of this project with the following format: TS_AUTHKEY=tskey-auth-...
With Docker already installed, run docker compose up to start the server.

This will spin up two containers. The MCP server and a Tailscale container running tailscale serve as a proxy to your tailnet.

Using the Server

Claude Desktop

Claude desktop does not currently support remote MCP servers (only stdio), but you can use the mcp-remote tool (or any other proxy) to connect to it.

Install mcp-remote with npm install -g mcp-remote

Add the following configuration to your claude_desktop_config.json file:

    {
        "mcpServers": {
            "tailscale-remote-echo-example": {
                "command": "npx",
                "args": [
                    "mcp-remote",
                    "https://ts-mcp-echo.yourtailnetname.ts.net/mcp"
                ]
            }
        }
    }

You can find your tailnet name by visiting the Tailscale admin console DNS page.

Restart Claude Desktop.
You should now see a new MCP server called tailscale-remote-echo-example with a greet tool.
Ask Claude Who am I logged into my tailnet as? allow the tool, and wait for the response!