AWS MCP Server
AWS services integration for Model Context Protocol clients.
Excellent Security
Security ScoreA+
Vulnerabilities Found
Quality ScoreC
Maintenance48
Popularity67
Documentation58
Available Documentation
Compatibility73
Features
Supported Transports
Agentic MCP Risk Intelligence
MCPSafe checks risks unique to AI-connected MCP servers — prompt surfaces, model-controlled tools, credentials, filesystems, and network reachability.
The current scan did not find prompt-injection, agent command, exfiltration, unbounded filesystem, or MCP SSRF patterns.
Tool metadata can steer or hijack AI clients before a user invokes the tool.
Model-selected tool arguments can reach shell/process execution.
Tool context combines credential access with outbound network capability.
AI-controlled paths may access files outside the intended workspace.
AI-controlled URLs may reach local, metadata, or internal network services.
Vulnerabilities(0)
No security vulnerabilities detected. This server has a clean security record.
READMEAWS MCP Server
AWS MCP Server
⚠️ SECURITY WARNING: CREDENTIAL EXPOSURE ⚠️
Issue
Debug logging inadvertently exposes AWS credentials in plaintext.
Details
When debug mode is enabled (which is the default), the server logs:
- AWS Access Key IDs
- AWS Secret Access Keys
- Session tokens
These logs may be:
- Written to disk
- Sent to logging services
- Visible in terminal history
CVSS: 7.5 (High)
Mitigation
- Disable debug logging in production
- Clear existing logs
- Rotate AWS credentials
- Use IAM roles instead of static credentials
Fix Status
A PR has been submitted but not yet merged.
Embed Security Badge
Add this badge to your README or documentation
[](https://mcpsafe.org/registry/aws-mcp-server-vuln)Server Information
- Source
- NPM
- Package
- aws-mcp-server
- Version
- 1.0.0
- Language
- typescript
- License
- MIT
- Transport
- STDIO
- Added
- Jan 20, 2026
- Updated
- Jul 13, 2026