Sendook
UnverifiedREPOstreamlinedstartup/sendook-mcp
F
Catalogue entry updated 5 days ago
Auth postureNot probedno remote endpoint probed yet
Tools162 Destructive · 1 Execute · 4 Write · 9 Read
Worst categoryDestructivegrade tracks the peak, not the average
Capability mix
Destructive 2Execute 1Write 4Read 9
What it can reach
Ingests untrusted inputTouches secretsReaches networkRuns codeTouches filesChanges permissionsSends external commsPersistsDeletes dataMoves money
Exfiltration pathReads content an attacker can plant and can send data outward — a prompt-injection-to-exfiltration route.
Tools 16
sendook_delete_inboxsendook_delete_webhooksendook_test_webhooksendook_create_inboxsendook_create_webhook
Change history
No changes recorded since first scan. Watched servers surface a diff within the hour.
Recommended policy
sendook_delete_inboxdeny
sendook_test_webhookrequire approval
sendook_create_inboxrate limit
Read-only toolsallow
Full policy breakdown with enforcement rules →