Keycard Hello MCP Server

An MCP server demonstrating OAuth 2.0 authentication with Keycard's Security Token Service, providing tools for displaying the Keycard logo and retrieving authenticated user information.

→ keycardai/hello-mcp-server · listed on glama

Is this your MCP?

Claim it to get a verified publisher badge, a free copy of our full audit findings, and direct contact for any high-priority issues we find.

Install from

Glama

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings

⚠️

Known vulnerabilities in dependencies: 5 high

Affects packages this MCP installs at runtime. Upgrade or remove the affected dependency.

⚠️

Tests do not pass

Either the test suite is broken or the code regressed. Either way the published behaviour can’t be verified by the publisher’s own tests.

✅

No credential exfiltration, no sensitive file access, no obfuscation

Static analysis found nothing flowing your secrets to unexpected places.

✅

Open source with a license and README

Anyone can audit the code, the license is declared, and the publisher documents what it does.

// required environment variables

This server reads these from process.env. You'll be asked to provide them before it can run.

configENABLE_OTEL— Enable OpenTelemetry true

configHOST— Server host localhost

configISSUER_BASE_DOMAIN— Base domain for STS (multi-tenant mode) - ✅

configKEYCARD_STS_ISSUER_URL— Keycard STS issuer URL (single-tenant mode) - ✅

configLOG_LEVEL— Logging level INFO

configMCP_BASE_DOMAIN— Base domain for MCP server (multi-tenant mode) - ✅

configOTEL_ENVIRONMENT— Environment for telemetry development

configOTEL_EXPORTER_OTLP_ENDPOINT

configOTEL_EXPORTER_OTLP_LOGS_ENDPOINT

configOTEL_EXPORTER_OTLP_TRACES_ENDPOINT

configOTEL_SERVICE_NAME— Service name for telemetry hello-mcp-server

configOTEL_SERVICE_VERSION

configPORT— Server port 8888

// full audit trail

The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.

// improvement guidance — verified publishers only

We have 7 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.

// embed badge in your README

[![M8ven Score](https://m8ven.ai/badge/mcp/keycardai-hello-mcp-server-dbhws6)](https://m8ven.ai/mcp/keycardai-hello-mcp-server-dbhws6)

commit: 546c78c9e387187f9bfe382ab1e9e71b0e0a02f2

code hash: 96eb276ba0c10b7b155c98a1c3a031f3ad1757007bdeb4928bfcac49a2964168

verified: 6/14/2026, 10:11:44 AM

view raw JSON →