74
/ 100
18 days ago
glama

ghostkit MCP Server

MCP server that provides AI clients with 26 security and developer tools, enabling tasks like JWT decoding, HTTP header analysis, and phishing URL inspection.

Is this your MCP?

Claim it to get a verified publisher badge, a free copy of our full audit findings, and direct contact for any high-priority issues we find.

Install from

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings
🚨
Secret credentials may flow to a network call
1 flow detected: GHOSTKIT_API_KEY. We can’t prove the destination matches the brand the credential belongs to.
🔐
You'll be asked for 1 credential: GHOSTKIT_API_KEY
These are read from process.env at runtime. Make sure you trust where they’ll be sent.
// required environment variables
This server reads these from process.env. You'll be asked to provide them before it can run.
configGHOSTKIT_API_BASE
🔐 secretGHOSTKIT_API_KEY"": "gk_your_key_here"
// full audit trail
The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.
// improvement guidance — verified publishers only
We have 2 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.
// embed badge in your README
[![M8ven Score](https://m8ven.ai/badge/mcp/pspray-ghostkit-mcp-11mcvt)](https://m8ven.ai/mcp/pspray-ghostkit-mcp-11mcvt)
commit: e02be47de5a4a5901afde16f6f32264cc6bfd189
code hash: b9c394e03f6634221b4b079846196159d6a8960e45622881b355915b6d453cf5
verified: 6/22/2026, 1:27:17 PM
view raw JSON →