Enables AI clients to interact with ProtonMail accounts through the Proton Bridge using SMTP and IMAP protocols. Provides email management capabilities via secure local bridge connections.
Claim it to get a verified publisher badge, a free copy of our full audit findings, and direct contact for any high-priority issues we find.
Install from
M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.
Disclosed vulnerabilities in this server's declared npm dependencies (via OSV). Whether each is reachable depends on the installed versions.
Nodemailer: Message-level raw option bypasses disableFileAccess/disableUrlAccess, enabling arbitrary file read and full-response SSRF in the delivered message
Nodemailer: CRLF injection in Nodemailer List-* header comments allows arbitrary message header injection
Nodemailer: Improper TLS Certificate Validation in OAuth2 Token Fetch Enables Credential Interception
Nodemailer jsonTransport bypasses disableFileAccess and disableUrlAccess during message normalization
mailparser vulnerable to Cross-site Scripting
process.env. You'll be asked to provide them before it can run.IMAP_HOST— No 127.0.0.1 Bridge IMAP hostIMAP_PORT— No 1143 Bridge IMAP portPROTONMAIL_PASSWORD— "": "bridge-app-password"PROTONMAIL_USERNAME— "": "your@protonmail.com",SMTP_HOST— No 127.0.0.1 Bridge SMTP hostSMTP_PORT— No 1025 Bridge SMTP port[](https://m8ven.ai/mcp/darkroomdevs-protonmail-mcp-13qzgy)