Tickr
CanonicalNPM@k-system/tickr-mcp
F
Catalogue entry updated 1 days ago
Auth postureNot probedno remote endpoint probed yet
Tools7111 Destructive · 35 Write · 25 Read
Worst categoryDestructivegrade tracks the peak, not the average
Capability mix
Destructive 11Write 35Read 25
What it can reach
Ingests untrusted inputTouches secretsReaches networkRuns codeTouches filesChanges permissionsSends external commsPersistsDeletes dataMoves money
Exfiltration pathReads content an attacker can plant and can send data outward — a prompt-injection-to-exfiltration route.
Tools 71
delete_attachmentdelete_commentdelete_cycledelete_epicdelete_implementation_item
View all 71 tools
delete_labeldelete_statusdelete_ticketremove_epic_dependencyremove_project_memberremove_relationadd_commentadd_epic_dependencyadd_labeladd_project_memberadd_relationadd_release_ticketapply_presetassign_cycleassign_epiccomplete_dev_taskcreate_cyclecreate_epiccreate_implementation_itemcreate_labelcreate_projectcreate_releasecreate_statuscreate_ticketfail_dev_tasklink_commitpublish_releaseremove_labelremove_release_tickettriage_accepttriage_rejectupdate_commentupdate_cycleupdate_epicupdate_implementation_itemupdate_labelupdate_project_member_roleupdate_releaseupdate_statusupdate_ticketupdate_transitionsgenerate_release_notesget_boardget_my_tasksget_next_statusesget_projectget_releaseget_ticketlist_attachmentslist_commentslist_cycleslist_dev_assignmentslist_epicslist_labelslist_project_memberslist_projectslist_relationslist_releaseslist_statuseslist_ticketslist_transitionslist_workflow_presetspoll_dev_queuesearch_ticketstriage_listwhoami
Change history
No changes recorded since first scan. Watched servers surface a diff within the hour.
Recommended policy
delete_attachmentdeny
add_commentrate limit
Read-only toolsallow
Full policy breakdown with enforcement rules →