A remote MCP server deployed on Cloudflare Workers without authentication, enabling connection to AI Playground and local MCP clients like Claude Desktop.
Claim it to get a verified publisher badge, a free copy of our full audit findings, and direct contact for any high-priority issues we find.
Install from
M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.
Disclosed vulnerabilities in this server's declared npm dependencies (via OSV). Whether each is reachable depends on the installed versions.
Cloudflare Agents is Vulnerable to Reflected Cross-Site Scripting in the AI Playground's OAuth callback handler
Cloudflare Agents SDK has Insecure Direct Object Reference (IDOR) via Header-Based Email Routing
Cloudflare Agents has a Reflected Cross-Site Scripting (XSS) vulnerability in AI Playground site
[](https://m8ven.ai/mcp/yegorkozlov-remote-mcp-server-authless-1opzjh)