98
grade A
2 days ago
Install from
M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.
// key findings
✅
17 tools verified — handlers match their declared behaviour
13 read-only tools verified — handlers contain no write/delete/exec
✅
No credential exfiltration, no sensitive file access, no obfuscation
Static analysis found nothing flowing your secrets to unexpected places.
✅
Open source with a license and README
Anyone can audit the code, the license is declared, and the publisher documents what it does.
🔐
You'll be asked for 1 credential: SUPABASE_SERVICE_ROLE_KEY
These are read from process.env at runtime. Make sure you trust where they’ll be sent.
// required environment variables
This server reads these from
process.env. You'll be asked to provide them before it can run.config
M8VEN_APP_URLconfig
NEXT_PUBLIC_SUPABASE_URL🔐 secret
SUPABASE_SERVICE_ROLE_KEYconfig
SUPABASE_URL// quality suggestions
Tool handlers catch errors
14/17 tool handlers wrap calls in try/catch (82%)
Wrap each tool handler body in try/catch and return a structured error response.
Tests exist
No test files found
Add tests that exercise each declared tool.
// embed badge in your README
[](https://m8ven.ai/mcp/jj-m8ven-is-it-legit-mcp-b20672)commit: 3c1349b345dd99be5ffd1057b16974a2f6d18259
code hash: d928565f3a22f09545fdf85db5190e1f88e585c0497547533dad1c4a49d99e45
verified: 4/18/2026, 3:42:42 PM