Provide seamless access to Appfolio Property Manager Reporting API through a standardized MCP serv…
Claim it to get a verified publisher badge, a free copy of our full audit findings, and direct contact for any high-priority issues we find.
Install from
M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.
Disclosed vulnerabilities in this server's declared npm dependencies (via OSV). Whether each is reachable depends on the installed versions.
@modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse
Anthropic's MCP TypeScript SDK has a ReDoS vulnerability
Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default
axios Vulnerable to Full Man-in-the-Middle via Prototype Pollution Gadget in `config.proxy`
axios Vulnerable to Credential Theft and Response Hijacking via Prototype Pollution Gadget in Config Merge
process.env. You'll be asked to provide them before it can run.BYPASS_AUTH_FOR_TESTINGCORS_ORIGINHTTP_PORTHYBRID_MODEINSPECTOR_MODEMCP_MODEOAUTH_AUDIENCEOAUTH_ISSUEROAUTH_JWKS_JSONOAUTH_JWKS_URLOAUTH_PROXY_AUTHORIZATION_URLOAUTH_PROXY_REGISTRATION_URLOAUTH_PROXY_REVOCATION_URLOAUTH_PROXY_TOKEN_URLOAUTH_RESOURCE_METADATA_URLOAUTH_SCOPES_SUPPORTEDOAUTH_SERVICE_DOC_URLPIPEDREAM_CLIENT_IDPIPEDREAM_CLIENT_SECRETPIPEDREAM_PROJECT_IDPORTRESOURCE_SERVER_URL[](https://m8ven.ai/mcp/cryptocultcurt-appfolio-mcp-server-14af7w)