MMCP Resend EmailMCP server for sending email by Resend
mcp-so:mcp-resend-email_gdli6177
View sourceFirst Seen
Feb 19, 2026
Last Scanned
Feb 20, 2026
Findings
10
Score
52/100
Findings (10)
Detects command-line flags passing credentials with real-looking values
--api-key
=
your_resend_api_keyRemove credential values from CLI flags (e.g., --password, --token). Use environment variables, config files with restricted permissions, or interactive prompts instead.
Likely FP if the CLI flag is shown in a help text example (e.g., --token YOUR_TOKEN) without an actual credential value.
Detects command-line flags passing credentials with real-looking values
--api-key=your_resend_api_key"Remove credential values from CLI flags (e.g., --password, --token). Use environment variables, config files with restricted permissions, or interactive prompts instead.
Likely FP if the CLI flag is shown in a help text example (e.g., --token YOUR_TOKEN) without an actual credential value.
Detects command-line flags passing credentials with real-looking values
--api-key=your_resend_api_key"Remove credential values from CLI flags (e.g., --password, --token). Use environment variables, config files with restricted permissions, or interactive prompts instead.
Likely FP if the CLI flag is shown in a help text example (e.g., --token YOUR_TOKEN) without an actual credential value.
Detects command-line flags passing credentials with real-looking values
--api-key=your_resend_api_key"Remove credential values from CLI flags (e.g., --password, --token). Use environment variables, config files with restricted permissions, or interactive prompts instead.
Likely FP if the CLI flag is shown in a help text example (e.g., --token YOUR_TOKEN) without an actual credential value.
Detects command-line flags passing credentials with real-looking values
--api-key=your_resend_api_key"Remove credential values from CLI flags (e.g., --password, --token). Use environment variables, config files with restricted permissions, or interactive prompts instead.
Likely FP if the CLI flag is shown in a help text example (e.g., --token YOUR_TOKEN) without an actual credential value.
Detects command-line flags passing credentials with real-looking values
--api-key=your-resend-api-key"Remove credential values from CLI flags (e.g., --password, --token). Use environment variables, config files with restricted permissions, or interactive prompts instead.
Likely FP if the CLI flag is shown in a help text example (e.g., --token YOUR_TOKEN) without an actual credential value.
Detects MCP server configs using npx to run packages without version pinning
"command"
:
"npx"Pin the npx package in the MCP config to an exact version (e.g., @scope/server@1.2.3). Unpinned npx commands can silently fetch a compromised package version.
Likely FP if the MCP config is a local development setup example, though unpinned npx in production configs is a real supply chain risk.
Detects MCP server configs using npx to run packages without version pinning
"command"
:
"npx"Pin the npx package in the MCP config to an exact version (e.g., @scope/server@1.2.3). Unpinned npx commands can silently fetch a compromised package version.
Likely FP if the MCP config is a local development setup example, though unpinned npx in production configs is a real supply chain risk.
Detects MCP server configs using npx to run packages without version pinning
"command"
:
"npx"Pin the npx package in the MCP config to an exact version (e.g., @scope/server@1.2.3). Unpinned npx commands can silently fetch a compromised package version.
Likely FP if the MCP config is a local development setup example, though unpinned npx in production configs is a real supply chain risk.
Detects MCP server configs using npx to run packages without version pinning
"command": "npx"Pin the npx package in the MCP config to an exact version (e.g., @scope/server@1.2.3). Unpinned npx commands can silently fetch a compromised package version.
Likely FP if the MCP config is a local development setup example, though unpinned npx in production configs is a real supply chain risk.