phantom/phantom-connect-sdk

MCP Server for Phantom Wallet

→ phantom/phantom-connect-sdk· npm: @phantom/mcp-server· listed on npm

Install from

npm npm

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings

✅

No credential exfiltration, no sensitive file access, no obfuscation

Static analysis found nothing flowing your secrets to unexpected places.

✅

Open source with a license and README

Anyone can audit the code, the license is declared, and the publisher documents what it does.

🔐

You'll be asked for 1 credential: ORGANIZATION_PRIVATE_KEY

These are read from process.env at runtime. Make sure you trust where they’ll be sent.

// required environment variables

This server reads these from process.env. You'll be asked to provide them before it can run.

configAPP_ID— appId: process.env.,

configEXPO_PUBLIC_APP_ID

configEXPO_PUBLIC_APP_SCHEME

configEXPO_PUBLIC_AUTH_API_BASE_URL

configEXPO_PUBLIC_AUTH_URL

configEXPO_PUBLIC_DEBUG

configEXPO_PUBLIC_EMBEDDED_WALLET_TYPE

configEXPO_PUBLIC_REDIRECT_URL

configEXPO_PUBLIC_SOLANA_RPC_URL_MAINNET

configEXPO_PUBLIC_WALLET_API

configNETWORK

configORGANIZATION_ID— organizationId: process.env.,

🔐 secretORGANIZATION_PRIVATE_KEY

configSOLANA_RPC_URL

configWALLET_API

// full audit trail

The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.

// improvement guidance — verified publishers only

We have 0 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.

// embed badge in your README

[![M8ven Score](https://m8ven.ai/badge/mcp/phantom-mcp-server-zgdtyx)](https://m8ven.ai/mcp/phantom-mcp-server-zgdtyx)

commit: 56a222b3746e2d8565d04c4533ff3717b16baf2f

code hash: 0d0c4b03f5e303cf887bf52d8a2cd8156958554cd0bf079a75257b3a90976852

verified: 4/18/2026, 3:57:19 PM

view raw JSON →