74
/ 100
1 month ago
glama

node-red-mcp

A Model Context Protocol server for Node-RED integration, enabling AI agents to manage flows, install modules, and monitor Node-RED instances via natural language.

Is this your MCP?

Claim it to get a verified publisher badge, a free copy of our full audit findings, and direct contact for any high-priority issues we find.

Install from

M8ven verifies MCPs across every public registry — install directly from whichever one you prefer.

// key findings
No credential exfiltration, no sensitive file access, no obfuscation
Static analysis found nothing flowing your secrets to unexpected places.
🔐
You'll be asked for 6 credentials: ACCEPT_ANY_BEARER_TOKEN, API_KEY, JWT_SECRET, MCP_PASSWORD, NODERED_API_TOKEN, NODERED_PASSWORD
These are read from process.env at runtime. Make sure you trust where they’ll be sent.
// required environment variables
This server reads these from process.env. You'll be asked to provide them before it can run.
🔐 secretACCEPT_ANY_BEARER_TOKEN
🔐 secretAPI_KEY
configAUTH_FALLBACK_ENABLED
configBASE_URL
configCLAUDE_AUTH_REQUIRED
configCLAUDE_COMPATIBLE_MODE
configCORS_CREDENTIALS
configCORS_ORIGINNo Allowed CORS origins
configDISABLE_HELMET
configHOSTNo Bind address (default: 0.0.0.0)
configHOSTNAME
configHTTP_ENABLED
configJWT_EXPIRES_IN
🔐 secretJWT_SECRETsubsequent requests. Requires to be set.
🔐 secretMCP_PASSWORD1. HTTP Basic Auth — Set MCP_USERNAME and . Clients send an
configMCP_SERVER_NAME
configMCP_SERVER_VERSION
configMCP_TRANSPORTStreamable HTTP =http POST /mcp Production deployments, remote agents
configMCP_USERNAME1. HTTP Basic Auth — Set and MCP_PASSWORD. Clients send an
🔐 secretNODERED_API_TOKEN
🔐 secretNODERED_PASSWORD"": "your-secure-password"
configNODERED_RETRIES
configNODERED_SKIP_CREDENTIAL_VALIDATION
configNODERED_TIMEOUT
configNODERED_TLS_REJECT_UNAUTHORIZED
configNODERED_URL"": "https://your-nodered-instance.com",
configNODERED_USERNAME"": "your-username",
configOAUTH_CLAUDE_CLIENT_ID
configPORTNo Listen port (default: 3000)
configPUBLIC_URL
configRATE_LIMIT_MAX_REQUESTS
configRATE_LIMIT_WINDOW_MS
configSSE_ENABLED
configSSE_HEARTBEAT_INTERVAL
configSSE_MAX_CONNECTIONS
configSSE_PORT
configSSE_RETRY_TIMEOUT
// full audit trail
The full breakdown of what we checked, the deductions that landed, the network hosts, the dependency advisories, and concrete fix guidance is available to verified publishers.
// improvement guidance — verified publishers only
We have 1 concrete improvement we can share with the publisher of this MCP. Each comes with specific guidance to raise the trust score.
// embed badge in your README
[![M8ven Score](https://m8ven.ai/badge/mcp/ziv-daniel-node-red-mcp-7deqyl)](https://m8ven.ai/mcp/ziv-daniel-node-red-mcp-7deqyl)
commit: 73bbe0d571a922e6f700baf130b469ceb1cad17f
code hash: 0deb591907bad5c867078989738868c6bee69c3e1e4aa3875ed637d477670249
verified: 6/10/2026, 10:58:58 AM
view raw JSON →