Model Context Protocol moderate risk

Maigret

Maigret MCP server automates OSINT username searches across numerous platforms, providing formatted reports while prioritizing security through input validation and safe command execution.

Connections & Capabilities

Connects To

GitHubDocker

Capabilities

readexec

Quickstart

Install

npx -y @smithery/cli install mcp-maigret --client claude

Config

{
  "mcpServers": {
    "maigret": {
      "command": "mcp-maigret",
      "env": {
        "MAIGRET_REPORTS_DIR": "/path/to/reports/directory"
      }
    }
  }
}

Exposed MCP Tools (2)

safe

search_username

Searches for a specified username across various online platforms and social networks.

Primarily a read-only operation that gathers publicly available information.

safe

parse_url

Analyzes a given URL to extract relevant information and identify associated usernames.

Primarily a read-only operation that analyzes publicly accessible URLs.

Safety Assessment

The Maigret MCP server offers a reasonable level of safety due to its input validation and safe command execution practices. However, the need for write access to a reports directory and reliance on Docker introduce some risk. It's safe for automated username searches when used responsibly and ethically, but risky if used for malicious purposes or without proper understanding of its limitations.

Input validation restricts potentially harmful characters in usernames, URLs, and tags.
Uses `execFile()` to prevent shell injection vulnerabilities.
Command arguments are passed as arrays, avoiding string concatenation and potential exploits.
Docker-based execution provides a degree of isolation.

Requires write access to a reports directory, which could be a point of compromise.
Relies on external Docker container for execution, introducing a dependency and potential attack surface.
While input validation is present, vulnerabilities might still exist in the underlying Maigret tool or its dependencies.
Automated OSINT gathering can raise ethical concerns if not used responsibly.