Detect email threats, manage cases, and remediate incidents with Abnormal Security.
This MCP tool comes from an official registry entry and is open source, which makes its provenance relatively trustworthy overall. However, it requires an Abnormal API token and has the standard local execution capability of MCP tools, so it should be configured with least privilege and scoped credentials.
The materials show it requires ABNORMAL_API_TOKEN, which is a sensitive API credential; if exposed, it could be used to access Abnormal Security-related detection, case, or remediation capabilities. AUTH_MODE, MCP_TRANSPORT, and LOG_LEVEL appear to be configuration values rather than highly sensitive secrets.
No remote host is listed in the objective materials, but the tool is clearly intended for Abnormal Security services and uses an API token, which normally implies communication with service-related endpoints. Because the README and endpoint details are absent, the exact egress targets and data scope cannot be confirmed and should be verified during deployment.
The system checks indicate that the tool executes code or starts a local process, which is standard behavior for MCP tools. The materials do not show requests for unusual system privileges, nor do they describe obviously unrelated high-risk execution capabilities.
Based on the description, its primary access scope is likely Abnormal Security data related to email threat detection, cases, and remediation. The materials do not specify local file read/write behavior or broad filesystem access, so over-privilege is not established, but it should be assumed to handle business-sensitive security incident data.
There are meaningful positive supply-chain signals: it is listed in an official registry, has a public open-source repository, and was updated within the last year, making the code auditable. Although the repository does not declare a license and has low star count, those factors warrant review rather than a high-risk rating based on the available evidence.
Copy the install command and let the AI configure it · recommended for beginners
No copy-paste install info for "Abnormal Security" yet — see the docs or source repo.
Access email threats, investigate cases, and generate reports in terminal or AI agents.
Analyze AI security, scan vulnerabilities, and monitor code leaks efficiently.
Analyze Android and iOS app packages for security issues via natural language.
Analyze security incidents, map ATT&CK techniques, score severity, and recommend remediation.
Scan inbound emails for prompt injection before they reach AI agents.
Find MCP security resources, risks, and protection best practices quickly.