Skip to main content
Glama

Appwrite Security MCP Server

MCP server for Appwrite security audits. Scan permissions, get a structured fix proposal, all from inside Claude Code, Cursor, or Cline. Active probe confirms every leak live with an anonymous fetch.

Tools

Tool

What it does

audit_project

Scans the Appwrite project, returns findings JSON. Active probe ON by default. Caches result.

list_findings

Lists cached findings by index, optionally filtered by severity.

preview_fix

Describes the proposed permission change for a finding (Appwrite PATCH replaces the full perms array, not merges, so the agent constructs the new list manually).

apply_fix is intentionally not in v0.1 because Appwrite permission updates are full-replacement — a partial agent diff would silently drop perms. Apply manually in the Appwrite console after preview_fix.

Related MCP server: supabase-security-mcp

Install

{
  "mcpServers": {
    "appwrite-security": {
      "command": "npx",
      "args": ["-y", "@perufitlife/appwrite-security-mcp"],
      "env": {
        "APPWRITE_ENDPOINT": "https://cloud.appwrite.io/v1",
        "APPWRITE_PROJECT_ID": "...",
        "APPWRITE_API_KEY": "..."
      }
    }
  }
}

API key needs scopes: databases.read, collections.read, projects.read.

License

MIT. Open source. Built by @Perufitlife.

For the standalone CLI, see https://github.com/Perufitlife/appwrite-security-skill For Supabase MCP, see https://github.com/Perufitlife/supabase-security-mcp For PocketBase MCP, see https://github.com/Perufitlife/pocketbase-security-mcp

Install Server
A
license - permissive license
A
quality
C
maintenance

Maintenance

Maintainers
Response time
Release cycle
Releases (12mo)
Commit activity

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/Perufitlife/appwrite-security-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server