Back to MCP Trust Indexm8ven
69
/ 100
1 day ago
glama

Joule HR MCP Server

Exposes SAP SuccessFactors HR data as MCP tools for AI agents, enabling natural language queries about employees, jobs, performance, and organizational structure.

marcelofiorito/joule-sfsf-mcp· listed on glama
Is this your MCP?

Claim it to get a verified publisher badge, a free copy of our full audit findings, and direct contact for any high-priority issues we find.

Install from

Glama

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings
No credential exfiltration, no sensitive file access, no obfuscation
Static analysis found nothing flowing your secrets to unexpected places.
🔐
You'll be asked for 3 credentials: MCP_AUTH_TOKEN, SAP_APIKEY, CERT_XSUAA_SECRET
These are read from process.env at runtime. Make sure you trust where they’ll be sent.
// required environment variables
This server reads these from process.env. You'll be asked to provide them before it can run.
configMODEsfsf SFSF_CLIENT_ID=xxx SFSF_KEY_B64=xxx SFSF_CERT_B64=xxx \
configSFSF_COMPANY
configSFSF_CLIENT_ID3. Copie o API Key gerado → use como
configSFSF_LOGIN_URL
configSFSF_API_URL
🔐 secretMCP_AUTH_TOKENcf set-env joule-sfsf-mcp "$(python3 -c 'import uuid; print(uuid.uuid4())')"
configSFSF_KEY_B64export =$(cat sfsf_poc.key base64 tr -d '\n')
configSFSF_CERT_B64export =$(cat sfsf_poc.crt base64 tr -d '\n')
🔐 secretSAP_APIKEY
configCF_HOST
configCERT_XSUAA_CLIENT
🔐 secretCERT_XSUAA_SECRET
configCERT_XSUAA_URL
configPORT
// full audit trail
The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.
// improvement guidance — verified publishers only
We have 5 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.
// embed badge in your README
[![M8ven Score](https://m8ven.ai/badge/mcp/marcelofiorito-joule-sfsf-mcp-88xzn6)](https://m8ven.ai/mcp/marcelofiorito-joule-sfsf-mcp-88xzn6)
commit: bc4eea09ec79d0d5c4ad78aa4d7d4fb481a7dd09
code hash: 778c1ae5efdb306529512a141e4531a20dd038c8873dc010ac3c015194617245
verified: 6/26/2026, 9:41:15 AM
view raw JSON →