h1-mcp
Verified Safeby bzzimmy
Overview
Provides an MCP server to enable AI agents to query HackerOne disclosed reports and hacktivity.
Installation
npx h1-mcpEnvironment Variables
- HACKERONE_API_USERNAME
- HACKERONE_API_TOKEN
Security Notes
The server correctly uses environment variables for HackerOne API credentials, which is good practice. It defines legitimate HackerOne API endpoints as its base URL. However, the core functionality for making actual API requests to HackerOne is marked with 'TODO: Implement' and currently throws 'Not implemented' errors. This means the current code does not perform any external data fetching or processing beyond setting up the server and tool definitions, minimizing immediate security risks. Future implementations will require careful review.
Similar Servers
mcp-servers
An MCP server for managing files in Google Cloud Storage, supporting CRUD operations (save, get, search, delete) and exposing files as resources.
Reversecore_MCP
Provides a Micro-Agent Control Protocol (MCP) server that wraps various reverse engineering CLI tools and libraries, enabling AI agents to perform binary analysis, malware analysis, and vulnerability research through natural language commands.
copilot-security-instructions
This MCP server provides a toolkit to guide GitHub Copilot toward secure coding practices by offering customizable security-focused prompts and agents for integration into development workflows.
ggmcp
A focused MCP server for developers, providing remediation tools for secrets detected in code and honeytoken management capabilities.