58
grade D
2 days ago
mcp_so
TickTick MCP Server
MCP server for TickTick integration
Install from
M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.
// key findings
⚠️
Known vulnerabilities in dependencies: 6 high
Affects packages this MCP installs at runtime. Upgrade or remove the affected dependency.
✅
No credential exfiltration, no sensitive file access, no obfuscation
Static analysis found nothing flowing your secrets to unexpected places.
✅
Open source with a license and README
Anyone can audit the code, the license is declared, and the publisher documents what it does.
🔐
You'll be asked for 4 credentials: TICKTICK_ACCESS_TOKEN, TICKTICK_CLIENT_SECRET, TICKTICK_PASSWORD, TICKTICK_REFRESH_TOKEN
These are read from process.env at runtime. Make sure you trust where they’ll be sent.
// required environment variables
This server reads these from
process.env. You'll be asked to provide them before it can run.🔐 secret
TICKTICK_ACCESS_TOKEN— your_oauth_access_tokenconfig
TICKTICK_CLIENT_ID— your_client_id🔐 secret
TICKTICK_CLIENT_SECRET— your_client_secret🔐 secret
TICKTICK_PASSWORD— your_ticktick_password🔐 secret
TICKTICK_REFRESH_TOKEN— your_refresh_tokenconfig
TICKTICK_USERNAME— your_ticktick_username// full audit trail
The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.
// improvement guidance — verified publishers only
We have 3 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.
// embed badge in your README
[](https://m8ven.ai/mcp/rafliruslan-ticktick-mcp-server-r089ne)commit: 2857539d2c507a0a06bd6573a1d3c130ae90151b
code hash: 08fbea003ea01550863a637e6a7217802aaf99a4c32123860edee8a031619799
verified: 4/18/2026, 6:00:51 PM