Is oathe-ai/oathe-mcp safe?

https://github.com/oathe-ai/oathe-mcp

96
SAFE

This is a legitimate MCP server that provides security auditing capabilities by interfacing with the Oathe API service. The code is clean, well-structured, and follows standard MCP patterns with no malicious behavior detected.

Category Scores

Prompt Injection 100/100 · 30%
Data Exfiltration 85/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 95/100 · 5%

Findings (1)

LOW External API Communication -15

The skill sends URLs to an external API service (audit-engine.oathe.ai) for security auditing purposes. While this is the intended functionality, it involves transmitting data to third-party services which users should be aware of.