74
/ 100
4 days ago
glama

yandex-mcp

Enables LLM agents to interact with Yandex Tracker (and future Yandex services) using per-user credentials instead of a shared org-wide token, supporting both single-user and multi-user modes.

Is this your MCP?

Claim it to get a verified publisher badge, a free copy of our full audit findings, and direct contact for any high-priority issues we find.

Install from

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings
No credential exfiltration, no sensitive file access, no obfuscation
Static analysis found nothing flowing your secrets to unexpected places.
Open source with a license and README
Anyone can audit the code, the license is declared, and the publisher documents what it does.
🔐
You'll be asked for 3 credentials: ACCESS_TOKEN, CLIENT_SECRET, TRACKER_TOKEN
These are read from process.env at runtime. Make sure you trust where they’ll be sent.
// required environment variables
This server reads these from process.env. You'll be asked to provide them before it can run.
🔐 secretACCESS_TOKEN
configCLIENT_ID
🔐 secretCLIENT_SECRET
configMCP_HTTP_PORT
configMCP_TRANSPORT
configPORT
configSCOPES
configTRACKER_AUTH_SCHEME
configTRACKER_BASE_URL
configTRACKER_DEBUG
configTRACKER_ORG_HEADER
configTRACKER_ORG_ID
configTRACKER_SEARCH
🔐 secretTRACKER_TOKEN
// full audit trail
The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.
// improvement guidance — verified publishers only
We have 4 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.
// embed badge in your README
[![M8ven Score](https://m8ven.ai/badge/mcp/fall-out-bug-yandex-mcp-ooj2qq)](https://m8ven.ai/mcp/fall-out-bug-yandex-mcp-ooj2qq)
commit: 1c5d74107edafe5cc1564376f9c653358d57464b
code hash: f1efce1f3846143e7e1a87abcca35a78b8e5e75faab441f18746e41db02311c6
verified: 7/5/2026, 9:05:39 AM
view raw JSON →