Registry/AWS MCP Server

AWS MCP Server

v1.0.0
Verified

AWS services integration for Model Context Protocol clients.

By CommunityMIT
typescript
developer tools
2.1Kstars
140downloads
285forks
Scanned Jul 13, 2026
WebsiteNPM
A+100%
Scanned 6d ago

Excellent Security

Vulnerabilities Found
0Crit
0High
0Med
0Low
0Info

Security ScoreA+

100
out of 100

Vulnerabilities Found

0
Crit
0
High
0
Medi
0
Low
0
Info
Last scanned: 7/13/2026

Quality ScoreC

61
out of 100
48
Maint.
67
Popular
58
Docs
73
Compat
Maintenance48%
Popularity67%
Documentation58%
Compatibility73%

Maintenance48

Unknown
Commit Frequency30%
Release Frequency70%
Issue Response45%

Popularity67

2.1K
Stars
140
Downloads
285
Forks
Stars Score93%
Downloads Score39%
Forks Score86%

Documentation58

README Quality70%

Available Documentation

API DocsExamplesChangelog

Compatibility73

MCP Spec Compliance80%
Transport Support50%

Features

TypeScript

Supported Transports

STDIO

Agentic MCP Risk Intelligence

MCPSafe checks risks unique to AI-connected MCP servers — prompt surfaces, model-controlled tools, credentials, filesystems, and network reachability.

0
agentic findings
No advanced MCP issues detected

The current scan did not find prompt-injection, agent command, exfiltration, unbounded filesystem, or MCP SSRF patterns.

Prompt Injection Surface
0

Tool metadata can steer or hijack AI clients before a user invokes the tool.

AI → Command Execution
0

Model-selected tool arguments can reach shell/process execution.

Secret Exfiltration Path
0

Tool context combines credential access with outbound network capability.

Unbounded Filesystem
0

AI-controlled paths may access files outside the intended workspace.

Agent SSRF
0

AI-controlled URLs may reach local, metadata, or internal network services.

Vulnerabilities(0)

No security vulnerabilities detected. This server has a clean security record.

READMEAWS MCP Server

AWS MCP Server

⚠️ SECURITY WARNING: CREDENTIAL EXPOSURE ⚠️

Issue

Debug logging inadvertently exposes AWS credentials in plaintext.

Details

When debug mode is enabled (which is the default), the server logs:

  • AWS Access Key IDs
  • AWS Secret Access Keys
  • Session tokens

These logs may be:

  • Written to disk
  • Sent to logging services
  • Visible in terminal history

CVSS: 7.5 (High)

Mitigation

  1. Disable debug logging in production
  2. Clear existing logs
  3. Rotate AWS credentials
  4. Use IAM roles instead of static credentials

Fix Status

A PR has been submitted but not yet merged.

Embed Security Badge

Add this badge to your README or documentation

AWS MCP Server MCPSafe Security
[![AWS MCP Server MCPSafe Security](https://api.mcpsafe.org
/api/badge/aws-mcp-server-vuln.svg)](https://mcpsafe.org/registry/aws-mcp-server-vuln)
Need more customization options?Badge Documentation

Server Information

Source
NPM
Package
aws-mcp-server
Version
1.0.0
Language
typescript
License
MIT
Transport
STDIO
Added
Jan 20, 2026
Updated
Jul 13, 2026