ZenTao MCP Server

Enables interaction with ZenTao project management system through RESTful API v1. Supports bug tracking, project/product management, and automated token authentication for seamless integration.

→ Valiant-Cat/zentao-mcp-server · listed on glama

Install from

Glama

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings

⚠️

Known vulnerabilities in dependencies: 2 high

Affects packages this MCP installs at runtime. Upgrade or remove the affected dependency.

✅

No credential exfiltration, no sensitive file access, no obfuscation

Static analysis found nothing flowing your secrets to unexpected places.

🔐

You'll be asked for 2 credentials: ZENTAO_PASSWORD, ZENTAO_TOKEN

These are read from process.env at runtime. Make sure you trust where they’ll be sent.

// required environment variables

This server reads these from process.env. You'll be asked to provide them before it can run.

configZENTAO_ACCOUNT— echo 'export ="你的账号"' >> ~/.zshrc

configZENTAO_BASE_URL— ：禅道服务地址，形如 https://xxx.com

🔐 secretZENTAO_PASSWORD— echo 'export ="你的密码"' >> ~/.zshrc

🔐 secretZENTAO_TOKEN— ：可选，已有 token；如果未提供会自动通过 /tokens 获取

// full audit trail

The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.

// improvement guidance — verified publishers only

We have 6 concrete improvements we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.

// embed badge in your README

[![M8ven Score](https://m8ven.ai/badge/mcp/valiant-cat-zentao-mcp-server-1schnh)](https://m8ven.ai/mcp/valiant-cat-zentao-mcp-server-1schnh)

commit: 72778743ba4da1c37fdcbd4d468e05502c11623b

code hash: 2aab85cd290ba5bcab86c1ca2add5424d2617fdca6e83a8d19825cc2ca539446

verified: 4/18/2026, 7:04:13 PM

view raw JSON →