ClickUp MCP
UnverifiedREPOtwofeetup/clickup-mcp
F
Catalogue entry updated 2 days ago
Auth postureNot probedno remote endpoint probed yet
Tools579 Destructive · 29 Write · 19 Read
Worst categoryDestructivegrade tracks the peak, not the average
Capability mix
Destructive 9Write 29Read 19
What it can reach
Ingests untrusted inputTouches secretsReaches networkRuns codeTouches filesChanges permissionsSends external commsPersistsDeletes dataMoves money
Exfiltration pathReads content an attacker can plant and can send data outward — a prompt-injection-to-exfiltration route.
Tools 57
delete_bulk_tasksdelete_folderdelete_listdelete_space_tagdelete_task
View all 57 tools
delete_time_entrymanage_containeroperate_tagstask_time_trackingadd_tag_to_taskadd_time_entryapply_templateattach_file_to_taskattach_task_filecreate_bulk_taskscreate_document_pagecreate_foldercreate_listcreate_list_in_foldercreate_space_tagcreate_taskcreate_task_commentduplicate_taskmanage_documentmanage_document_pagemanage_taskmove_bulk_tasksmove_taskremove_tag_from_taskstart_time_trackingstop_time_trackingtask_commentsupdate_bulk_tasksupdate_document_pageupdate_folderupdate_listupdate_space_tagupdate_taskfind_member_by_namefind_membersget_containerget_current_time_entryget_documentget_document_pagesget_folderget_listget_space_tagsget_taskget_task_commentsget_task_time_entriesget_tasksget_workspace_hierarchyget_workspace_memberslist_document_pageslist_documentsresolve_assigneessearch_tasks
Change history
No changes recorded since first scan. Watched servers surface a diff within the hour.
Recommended policy
delete_bulk_tasksdeny
add_tag_to_taskrate limit
Read-only toolsallow
Full policy breakdown with enforcement rules →