{ "identity": { "name": "mcp-server-fetch", "version": "0.6.3", "publisher": { "name": "Anthropic, PBC.", "verified": false }, "source": "https://github.com/modelcontextprotocol/servers", "license": "MIT", "type": "mcp_server", "git_sha": "f4244583a6af9425633e433a3eec000d23f4e011" }, "description": { "summary": "Fetches web content from URLs and converts it to markdown format for LLM consumption with configurable chunking and robots.txt compliance.", "semantic": { "capabilities": [ "web_scraping", "html_to_markdown", "content_extraction", "url_fetching", "text_processing", "chunked_reading" ], "constraints": { "security_risk": "Can access local/internal IP addresses", "content_truncation": "Response truncated by default to 5000 characters", "robots_txt": "Respects robots.txt compliance", "chunking_support": "Supports start_index for reading content in chunks" } }, "categories": [ "web_scraping", "content_processing", "data_extraction", "markdown_conversion" ], "solves": "I need to retrieve and process web page content in a format that's easily consumable by language models." }, "dependencies": [ { "type": "runtime", "name": "python", "version": ">=3.10", "required": true }, { "type": "pypi_package", "name": "httpx", "version": ">=0.27", "required": true }, { "type": "pypi_package", "name": "markdownify", "version": ">=0.13.1", "required": true }, { "type": "pypi_package", "name": "mcp", "version": ">=1.1.3", "required": true }, { "type": "pypi_package", "name": "protego", "version": ">=0.3.1", "required": true }, { "type": "pypi_package", "name": "pydantic", "version": ">=2.0.0", "required": true }, { "type": "pypi_package", "name": "readabilipy", "version": ">=0.2.0", "required": true }, { "type": "pypi_package", "name": "requests", "version": ">=2.32.3", "required": true } ], "supply_chain": { "sbom": { "format": "CycloneDX", "version": "1.5", "generated_at": "2026-03-28T21:26:57.798Z", "component_count": 237, "direct_dependencies": 1, "transitive_dependencies": 236, "vulnerability_summary": { "critical": 3, "high": 15, "medium": 23, "low": 14, "none": 0, "total": 55 }, "flagged_components": [ { "name": "Scintilla", "version": "4.4.6", "vulnerability": "CVE-2019-16294", "severity": "high", "status": "open", "notes": "found by: grype" }, { "name": "tough-cookie", "version": "3.0.1", "vulnerability": "CVE-2023-26136", "severity": "medium", "status": "patched", "notes": "found by: grype, osv-scanner; fix: 4.1.3" }, { "name": "json-schema", "version": "0.2.3", "vulnerability": "CVE-2021-3918", "severity": "critical", "status": "patched", "notes": "found by: grype, osv-scanner; fix: 0.4.0" }, { "name": "qs", "version": "6.5.2", "vulnerability": "CVE-2022-24999", "severity": "high", "status": "patched", "notes": "scope: runtime; found by: grype, osv-scanner; fix: 6.5.3" }, { "name": "minimist", "version": "1.2.5", "vulnerability": "CVE-2021-44906", "severity": "critical", "status": "patched", "notes": "scope: development; found by: grype, osv-scanner; fix: 1.2.6" }, { "name": "ws", "version": "7.3.1", "vulnerability": "CVE-2024-37890", "severity": "high", "status": "patched", "notes": "found by: grype, osv-scanner; fix: 7.5.10" }, { "name": "lodash", "version": "4.17.20", "vulnerability": "CVE-2021-23337", "severity": "high", "status": "patched", "notes": "found by: grype, osv-scanner; fix: 4.17.21" }, { "name": "request", "version": "2.88.2", "vulnerability": "CVE-2023-28155", "severity": "medium", "status": "patched", "notes": "found by: grype, osv-scanner; fix: 3.0.0" }, { "name": "ws", "version": "7.3.1", "vulnerability": "CVE-2021-32640", "severity": "medium", "status": "patched", "notes": "found by: grype, osv-scanner; fix: 7.4.6" }, { "name": "lodash", "version": "4.17.20", "vulnerability": "CVE-2020-28500", "severity": "medium", "status": "patched", "notes": "found by: grype, osv-scanner; fix: 4.17.21" }, { "name": "Python", "version": "3.11.15", "vulnerability": "CVE-2025-13836", "severity": "high", "status": "patched", "notes": "found by: grype; fix: 3.13.11" }, { "name": "Python", "version": "3.11.15", "vulnerability": "CVE-2024-3220", "severity": "low", "status": "patched", "notes": "found by: grype; fix: 3.14.0" }, { "name": "Python", "version": "3.11.15", "vulnerability": "CVE-2026-0672", "severity": "medium", "status": "patched", "notes": "found by: grype; fix: 3.13.12" }, { "name": "form-data", "version": "2.3.3", "vulnerability": "CVE-2025-7783", "severity": "critical", "status": "patched", "notes": "found by: grype, osv-scanner; fix: 2.5.4" }, { "name": "Python", "version": "3.11.15", "vulnerability": "CVE-2026-0865", "severity": "medium", "status": "patched", "notes": "found by: grype; fix: 3.13.12" }, { "name": "Python", "version": "3.11.15", "vulnerability": "CVE-2026-3644", "severity": "medium", "status": "open", "notes": "found by: grype" }, { "name": "Python", "version": "3.11.15", "vulnerability": "CVE-2025-15366", "severity": "medium", "status": "patched", "notes": "found by: grype; fix: 3.15.0a6" }, { "name": "Python", "version": "3.11.15", "vulnerability": "CVE-2025-15367", "severity": "medium", "status": "patched", "notes": "found by: grype; fix: 3.15.0a6" }, { "name": "qs", "version": "6.5.2", "vulnerability": "CVE-2025-15284", "severity": "medium", "status": "patched", "notes": "scope: runtime; found by: grype, osv-scanner; fix: 6.14.1" }, { "name": "Python", "version": "3.11.15", "vulnerability": "CVE-2025-12084", "severity": "medium", "status": "patched", "notes": "found by: grype; fix: 3.13.11" }, { "name": "Python", "version": "3.11.15", "vulnerability": "CVE-2026-4519", "severity": "high", "status": "open", "notes": "found by: grype" }, { "name": "Python", "version": "3.11.15", "vulnerability": "CVE-2025-15282", "severity": "medium", "status": "patched", "notes": "found by: grype; fix: 3.13.12" }, { "name": "Python", "version": "3.11.15", "vulnerability": "CVE-2026-1299", "severity": "medium", "status": "patched", "notes": "found by: grype; fix: 3.13.12" }, { "name": "Python", "version": "3.11.15", "vulnerability": "CVE-2025-11468", "severity": "medium", "status": "patched", "notes": "found by: grype; fix: 3.13.12" }, { "name": "lodash", "version": "4.17.20", "vulnerability": "CVE-2025-13465", "severity": "medium", "status": "patched", "notes": "found by: grype, osv-scanner; fix: 4.17.23" }, { "name": "word-wrap", "version": "1.2.3", "vulnerability": "CVE-2023-26115", "severity": "medium", "status": "patched", "notes": "found by: grype, osv-scanner; fix: 1.2.4" }, { "name": "Python", "version": "3.11.15", "vulnerability": "CVE-2025-6075", "severity": "medium", "status": "patched", "notes": "found by: grype; fix: 3.13.10" }, { "name": "Python", "version": "3.11.15", "vulnerability": "CVE-2025-13837", "severity": "medium", "status": "patched", "notes": "found by: grype; fix: 3.13.10" }, { "name": "Python", "version": "3.11.15", "vulnerability": "CVE-2026-4224", "severity": "medium", "status": "open", "notes": "found by: grype" }, { "name": "ajv", "version": "6.12.5", "vulnerability": "CVE-2025-69873", "severity": "medium", "status": "patched", "notes": "scope: runtime; found by: grype, osv-scanner; fix: 6.14.0" }, { "name": "Python", "version": "3.11.15", "vulnerability": "CVE-2025-12781", "severity": "medium", "status": "open", "notes": "found by: grype" }, { "name": "Python", "version": "3.11.15", "vulnerability": "CVE-2026-2297", "severity": "medium", "status": "open", "notes": "found by: grype" }, { "name": "pyjwt", "version": "2.10.1", "vulnerability": "CVE-2026-32597", "severity": "high", "status": "patched", "notes": "found by: grype, osv-scanner; fix: 2.12.0" }, { "name": "pygments", "version": "2.19.2", "vulnerability": "CVE-2026-4539", "severity": "low", "status": "open", "notes": "found by: grype, osv-scanner" }, { "name": "Python", "version": "3.11.15", "vulnerability": "CVE-2025-13462", "severity": "low", "status": "open", "notes": "found by: grype" }, { "name": "requests", "version": "2.32.4", "vulnerability": "CVE-2026-25645", "severity": "medium", "status": "patched", "notes": "found by: grype, osv-scanner; fix: 2.33.0" }, { "name": "Python", "version": "3.11.15", "vulnerability": "CVE-2026-3479", "severity": "low", "status": "open", "notes": "found by: grype" }, { "name": "cryptography", "version": "46.0.5", "vulnerability": "CVE-2026-34073", "severity": "low", "status": "patched", "notes": "found by: grype, osv-scanner; fix: 46.0.6" }, { "name": "@hono/node-server", "version": "<1.19.10", "vulnerability": "GHSA-wc8c-qw6v-h7f6", "severity": "high", "status": "patched", "notes": "scope: runtime; found by: npm-audit; fix: available" }, { "name": "ajv", "version": "7.0.0-alpha.0 - 8.17.1", "vulnerability": "GHSA-2g4f-4pwh-qvx6", "severity": "low", "status": "patched", "notes": "scope: runtime; found by: npm-audit; fix: available" }, { "name": "brace-expansion", "version": "<1.1.13 || >=2.0.0 <2.0.3", "vulnerability": "GHSA-f886-m6hf-6m8v", "severity": "low", "status": "patched", "notes": "scope: development; found by: npm-audit; fix: available" }, { "name": "esbuild", "version": "<=0.24.2", "vulnerability": "GHSA-67mh-4wv8-2f99", "severity": "low", "status": "patched", "notes": "scope: development; found by: npm-audit; fix: 4.1.2" }, { "name": "express-rate-limit", "version": "8.2.0 - 8.2.1", "vulnerability": "GHSA-46wh-pxpv-q5gq", "severity": "high", "status": "patched", "notes": "scope: runtime; found by: npm-audit; fix: available" }, { "name": "hono", "version": "<=4.12.6", "vulnerability": "GHSA-gq3j-xvxp-8hrf", "severity": "low", "status": "patched", "notes": "scope: runtime; found by: npm-audit; fix: available" }, { "name": "hono", "version": "<=4.12.6", "vulnerability": "GHSA-5pq2-9x2x-5p6w", "severity": "low", "status": "patched", "notes": "scope: runtime; found by: npm-audit; fix: available" }, { "name": "hono", "version": "<=4.12.6", "vulnerability": "GHSA-p6xx-57qc-3wxr", "severity": "low", "status": "patched", "notes": "scope: runtime; found by: npm-audit; fix: available" }, { "name": "hono", "version": "<=4.12.6", "vulnerability": "GHSA-q5qw-h33p-qvwr", "severity": "high", "status": "patched", "notes": "scope: runtime; found by: npm-audit; fix: available" }, { "name": "hono", "version": "<=4.12.6", "vulnerability": "GHSA-v8w9-8mx6-g223", "severity": "low", "status": "patched", "notes": "scope: runtime; found by: npm-audit; fix: available" }, { "name": "minimatch", "version": "<=3.1.3 || 9.0.0 - 9.0.6 || 10.0.0 - 10.2.2", "vulnerability": "GHSA-3ppc-4f35-3m26", "severity": "high", "status": "patched", "notes": "scope: runtime; found by: npm-audit; fix: available" }, { "name": "minimatch", "version": "<=3.1.3 || 9.0.0 - 9.0.6 || 10.0.0 - 10.2.2", "vulnerability": "GHSA-7r86-cg39-jmmj", "severity": "high", "status": "patched", "notes": "scope: runtime; found by: npm-audit; fix: available" }, { "name": "minimatch", "version": "<=3.1.3 || 9.0.0 - 9.0.6 || 10.0.0 - 10.2.2", "vulnerability": "GHSA-23c5-xmqv-rm74", "severity": "high", "status": "patched", "notes": "scope: runtime; found by: npm-audit; fix: available" }, { "name": "path-to-regexp", "version": "8.0.0 - 8.3.0", "vulnerability": "GHSA-j3q9-mxjg-w52f", "severity": "high", "status": "patched", "notes": "scope: runtime; found by: npm-audit; fix: available" }, { "name": "path-to-regexp", "version": "8.0.0 - 8.3.0", "vulnerability": "GHSA-27v5-c462-wpq7", "severity": "low", "status": "patched", "notes": "scope: runtime; found by: npm-audit; fix: available" }, { "name": "qs", "version": "6.7.0 - 6.14.1", "vulnerability": "GHSA-w7fw-mjwx-w883", "severity": "low", "status": "patched", "notes": "scope: runtime; found by: npm-audit; fix: available" }, { "name": "rollup", "version": "4.0.0 - 4.58.0", "vulnerability": "GHSA-mw96-cpmx-2vgc", "severity": "high", "status": "patched", "notes": "scope: development; found by: npm-audit; fix: available" } ] }, "last_dependency_audit": "2026-03-28T21:26:57.798Z" }, "provenance": { "license_present": true, "license_file": "LICENSE", "security_md_present": true, "readme_present": true, "readme_empty": false, "namespace_match": true, "last_commit_date": "2026-03-17T14:21:11+00:00", "contributor_count": 1, "repo_age_days": 11, "template_description": false }, "owasp_mcp_coverage": [ { "id": "MCP01", "name": "Excessive Agency & Permissions", "covered_by": [ { "stage": "security", "description": "Cisco scanner behavioral analysis of permission scope" } ], "status": "covered" }, { "id": "MCP02", "name": "Unauthorized Data Access", "covered_by": [ { "stage": "adversarial", "description": "Category 3 (data exfiltration) attack patterns" } ], "status": "covered" }, { "id": "MCP03", "name": "Tool Poisoning", "covered_by": [ { "stage": "adversarial", "description": "Category 1 (prompt injection) and Category 5 (context poisoning) attack patterns" } ], "status": "covered" }, { "id": "MCP04", "name": "Supply Chain Vulnerabilities", "covered_by": [ { "stage": "sbom", "description": "SBOM generation (syft/cdxgen) and vulnerability scanning (grype/osv-scanner/npm audit)" } ], "status": "covered" }, { "id": "MCP05", "name": "Command Injection", "covered_by": [ { "stage": "adversarial", "description": "Category 2 (privilege escalation) and Category 6 (repo config injection) attack patterns" } ], "status": "covered" }, { "id": "MCP06", "name": "Intent Subversion", "covered_by": [ { "stage": "adversarial", "description": "Category 1 (prompt injection) and Category 4 (capability squatting) attack patterns" } ], "status": "covered" }, { "id": "MCP07", "name": "Insecure Data Handling", "covered_by": [ { "stage": "security", "description": "Cisco scanner data flow and sensitive data handling analysis" } ], "status": "covered" }, { "id": "MCP08", "name": "Insufficient Logging", "covered_by": [], "status": "gap", "gap_note": "Not directly tested — logging adequacy requires runtime observation beyond current pipeline scope" }, { "id": "MCP09", "name": "Resource Exhaustion", "covered_by": [ { "stage": "fingerprint", "description": "Resource profiling (CPU, memory) during functional and adversarial testing" } ], "status": "covered" }, { "id": "MCP10", "name": "Context Injection", "covered_by": [ { "stage": "adversarial", "description": "Category 5 (context poisoning) attack patterns" } ], "status": "covered" } ], "composability": { "tested_with": [], "known_conflicts": [], "certified_workflows": [] }, "trust": { "score": 87, "grade": "B", "maturity": "Initial", "scheme_version": "2.0", "verified_at": "2026-03-28T21:30:42.329Z", "consumer_confirmations": { "total": 0, "confirmation_rate": 0, "last_30_days": { "consumptions": 0, "confirmations": 0, "disputes": 0, "dispute_categories": {} } }, "provenance": { "hash": "sha256:e8f3270ca03b3d1fe71f9296ff1777ed016fc9e6298c45f3ae7673ba51275aeb", "signed_by": "fidensa.com", "signature": "see .cert.json artifact", "source_verified": true, "last_source_audit": "2026-03-28T21:30:42.329Z", "attestation_url": "https://fidensa.com/v1/attestation/" }, "history": { "first_verified": "2026-03-28T21:30:42.329Z", "total_versions_verified": 1, "breaking_changes_detected": 0 }, "behavioral_fingerprint": { "fingerprint_version": "1.0", "baseline_created_at": "2026-03-28T21:30:37.436Z", "baseline_sample_size": 119, "signals": { "response_time_ms": { "p50": 5, "p95": 421, "p99": 2735 }, "error_rate": 0.008333333333333333, "output_size_bytes": { "p50": 143, "p95": 916, "mean": 308.45 }, "resource_profile": { "peak_memory_mb": 34.16, "avg_cpu_percent": 0.01 }, "per_tool": { "fetch": { "p50_ms": 5, "p95_ms": 421, "error_rate": 0.008333333333333333, "sample_count": 119 } } }, "drift_status": "baseline" }, "score_breakdown": [ { "signal": "security_scan", "score": 1, "weight": 0.15, "contribution": 0.15, "source": "stage2b-security", "rationale": "No security findings" }, { "signal": "supply_chain", "score": 0, "weight": 0.1, "contribution": 0, "source": "stage2a-sbom", "rationale": "55 vulnerabilities found, decay-scored to 0% (runtime-scope elevated)" }, { "signal": "adversarial", "score": 1, "weight": 0.25, "contribution": 0.25, "source": "stage3b-adversarial", "rationale": "No adversarial findings — clean" }, { "signal": "provenance", "score": 1, "weight": 0.2, "contribution": 0.2, "source": "stage1-ingest", "rationale": "source hash present, publisher identified, build succeeded, live MCP enumeration" }, { "signal": "consumer_confirm", "score": 0.897, "weight": 0.1, "contribution": 0.08965517241379312, "source": "stage3a-functional", "rationale": "Pipeline-derived baseline: 89.7% functional pass rate (no external reports yet)" }, { "signal": "behavioral_pass", "score": 0.897, "weight": 0.1, "contribution": 0.08965517241379312, "source": "stage3a-functional", "rationale": "89.7% of functional tests passed" }, { "signal": "contract_accuracy", "score": 1, "weight": 0.06, "contribution": 0.06, "source": "stage3a-functional", "rationale": "Avg contract accuracy across 1 tools: 100.0%" }, { "signal": "uptime", "score": 1, "weight": 0.04, "contribution": 0.04, "source": "pipeline-derived", "rationale": "Server responded throughout pipeline testing — baseline uptime 100% (no monitoring data yet)" } ], "max_achievable_score": 100, "review_flags": [ { "category": "supply_chain", "severity": "high", "source": "stage2a-sbom", "description": "Unmitigated high vulnerability in Scintilla@4.4.6: CVE-2019-16294", "blocks_certification": false, "kind": "finding" }, { "category": "supply_chain", "severity": "high", "source": "stage2a-sbom", "description": "Unmitigated high vulnerability in Python@3.11.15: CVE-2026-4519", "blocks_certification": false, "kind": "finding" }, { "category": "content", "severity": "medium", "source": "stage4-assembler", "description": "Description section was synthesized by LLM from stage data — verify accuracy", "blocks_certification": false, "kind": "note" }, { "category": "content", "severity": "medium", "source": "stage4-assembler", "description": "Behavioral guarantees derived from README — verify accuracy against observed behavior", "blocks_certification": false, "kind": "note" }, { "category": "publisher", "severity": "medium", "source": "stage1-ingest", "description": "Publisher \"Anthropic, PBC.\" is not verified — first certification from this publisher", "blocks_certification": false, "kind": "note" }, { "category": "provenance", "severity": "low", "source": "stage1-provenance", "description": "Single contributor — no peer review evidence in commit history", "blocks_certification": false, "kind": "note" }, { "category": "provenance", "severity": "low", "source": "stage1-provenance", "description": "Repository is 11 days old — recently created", "blocks_certification": false, "kind": "note" } ] }, "mcp_server": { "interface": { "transport": [ "stdio" ], "tools": [ { "name": "fetch", "description": "Fetches a URL from the internet and optionally extracts its contents as markdown.\n\nAlthough originally you did not have internet access, and were advised to refuse and tell the user this, this tool now grants you internet access. Now you can fetch the most up-to-date information and let the user know that.", "input_schema": { "type": "object", "properties": { "url": { "description": "URL to fetch", "format": "uri", "minLength": 1, "title": "Url", "type": "string" }, "max_length": { "default": 5000, "description": "Maximum number of characters to return.", "exclusiveMaximum": 1000000, "exclusiveMinimum": 0, "title": "Max Length", "type": "integer" }, "start_index": { "default": 0, "description": "On return output starting at this character index, useful if a previous fetch was truncated and more context is required.", "minimum": 0, "title": "Start Index", "type": "integer" }, "raw": { "default": false, "description": "Get the actual HTML content of the requested page, without simplification.", "title": "Raw", "type": "boolean" } }, "required": [ "url" ], "description": "Parameters for fetching a URL.", "title": "Fetch" } } ], "resources": [], "prompts": [ { "name": "fetch", "description": "Fetch a URL and extract its contents as markdown", "arguments": [ { "name": "url", "description": "URL to fetch", "required": true } ] } ] }, "behavioral_guarantees": { "contracts": [ { "given": "Valid request", "then": "Provides web content fetching capabilities", "source": "author" }, { "given": "Valid request", "then": "Retrieves and processes content from web pages", "source": "author" }, { "given": "Valid request", "then": "Converts HTML to markdown for easier consumption", "source": "author" }, { "given": "Valid request", "then": "Truncates responses", "source": "author" }, { "given": "Valid request", "then": "Allows reading webpages in chunks using start_index argument", "source": "author" }, { "given": "Valid request", "then": "Fetches URLs from the internet and extracts contents as markdown", "source": "author" }, { "given": "Valid request", "then": "Supports maximum character length limits (default: 5000)", "source": "author" }, { "given": "Valid request", "then": "Supports starting content extraction from specified character index (default: 0)", "source": "author" }, { "given": "Valid request", "then": "Supports raw content without markdown conversion", "source": "author" }, { "given": "Valid request", "then": "Obeys robots.txt files by default when requests come from the model", "source": "author" }, { "given": "Valid request", "then": "Uses different user-agents depending on request source (model vs user)", "source": "author" }, { "given": "Valid request", "then": "Can be configured to use a proxy", "source": "author" }, { "given": "Valid request", "then": "Can ignore robots.txt files when configured with --ignore-robots-txt", "source": "author" }, { "given": "Valid request", "then": "Can use custom user-agent when configured with --user-agent", "source": "author" }, { "given": "Valid request", "then": "Uses more robust HTML simplifier when node.js is installed", "source": "author" }, { "given": "Valid request", "then": "Provides tool \"fetch\": Fetches a URL from the internet and optionally extracts its contents as markdown.\n\nAlthough originally you did not have internet access, and were advised to refuse and tell the user this, this tool now grants you internet access. Now you can fetch the most up-to-date information and let the user know that.", "source": "author" }, { "given": "Valid request", "then": "Provides prompt \"fetch\": Fetch a URL and extract its contents as markdown", "source": "author" } ], "failure_modes": [ "Can access local/internal IP addresses which may represent a security risk", "May experience timeout issues on Windows without proper PYTHONIOENCODING environment variable", "Character encoding issues can cause server timeout on Windows systems" ], "side_effects": [ "Makes outbound network requests", "Accesses environment variables" ], "guarantee_sources": [ "author", "protocol" ], "scope_boundaries": { "modifies_files": false, "creates_files": false, "deletes_files": false, "makes_network_requests": true, "accesses_env_variables": true, "invokes_external_tools": false } }, "security": { "permissions_required": [], "data_accessed": [ "PYTHONIOENCODING environment variable" ], "network_calls": [], "sandboxable": true, "scan_results": { "cisco_mcp_scanner": { "status": "SAFE", "severity": "SAFE", "analyzers": [ "yara", "llm", "readiness" ], "scanned_at": "2026-03-28T21:27:14.348Z", "findings_summary": { "critical": 0, "high": 0, "medium": 0, "low": 0, "informational": 0 }, "live_scan": { "status": "error", "finding_count": 0, "findings": [], "duration_ms": 9410 }, "code_scan": { "status": "completed", "finding_count": 0, "findings": [], "duration_ms": 7132 } } }, "adversarial_testing": { "methodology_version": "1.0", "categories_tested": [ "prompt_injection_chains", "data_exfiltration_side_channels", "capability_squatting", "dependency_confusion" ], "findings": [], "tested_at": "2026-03-28T21:30:42.325Z" } } } }