Back to MCP Trust Indexm8ven
74
grade C
2 days ago
glama

Backlog MCP Server

Enables managing a minimal task backlog with operations to create, list, update, and retrieve tasks with different statuses (open, in progress, blocked, done, cancelled). Tasks are stored in a local JSON file with atomic writes.

gkoreli/backlog-mcp· listed on glama

Install from

Glama

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings
No credential exfiltration, no sensitive file access, no obfuscation
Static analysis found nothing flowing your secrets to unexpected places.
Open source with a license and README
Anyone can audit the code, the license is declared, and the publisher documents what it does.
🔐
You'll be asked for 4 credentials: API_KEY, CLIENT_SECRET, GITHUB_CLIENT_SECRET, JWT_SECRET
These are read from process.env at runtime. Make sure you trust where they’ll be sent.
// required environment variables
This server reads these from process.env. You'll be asked to provide them before it can run.
configALLOWED_GITHUB_USERNAMESnpx wrangler secret put # comma-separated: "you,youralt"
🔐 secretAPI_KEYnpx wrangler secret put # your personal API key (for Claude Desktop)
configAPI_URL
configBACKLOG_ACTOR_NAME
configBACKLOG_ACTOR_TYPE
configBACKLOG_DATA_DIR~/.backlog # Where to store tasks (default: data/tasks/)
configBACKLOG_DELEGATED_BY
configBACKLOG_TASK_CONTEXT
configBACKLOG_VIEWER_PORT3030 # HTTP server port
🔐 secretCLIENT_SECRET
configGITHUB_CLIENT_IDnpx wrangler secret put # GitHub OAuth App client ID
🔐 secretGITHUB_CLIENT_SECRETnpx wrangler secret put
🔐 secretJWT_SECRETnpx wrangler secret put # any strong random string
configLOG_LEVEL
// full audit trail
The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.
// improvement guidance — verified publishers only
We have 3 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.
// embed badge in your README
[![M8ven Score](https://m8ven.ai/badge/mcp/gkoreli-backlog-mcp-1t334k)](https://m8ven.ai/mcp/gkoreli-backlog-mcp-1t334k)
commit: 55158063c972a922443f3a2863b5d53ebaa48c9d
code hash: 65f100494c3963aa6425e5850ed2a856618f029c1a51cd39d4078c91271d4dda
verified: 4/18/2026, 7:00:16 PM
view raw JSON →