SkillTotal

Is Fetch MCP server safe?

mcp-server-fetch is an AI python_package analyzed by SkillTotal's deterministic static scanner. The scan found no malicious indicators, though 1 risky construct is reported for review. Its one detected capability is network egress; capabilities are what the code can do, not a verdict on intent. Risk score 0/100 (low).

mcp-server-fetch 2026.6.4

python_package · pypi:mcp-server-fetch
LOW · 0 / 100 malicious-risk
Snapshot · scanned Jun 20, 2026 · mcp-server-fetch@2026.6.4 · engine 0.18.0 / ruleset 19
No malicious indicators - review capabilities before installing
Notable — review in context (capabilities are not malware):
  • Python network egress

No malicious indicators found by static analysis.

Capabilities — what this component can do (not a risk score):
network egress

Findings (1)

MEDIUM · Python network egress · ST-NET-PY

The component makes outbound network requests.

from urllib.parse import urlparse, urlunparse
robots_url = urlunparse((parsed.scheme, parsed.netloc, "/robots.txt", "", "", ""))
from httpx import AsyncClient, HTTPError
async with AsyncClient(proxy=proxy_url) as client:
from httpx import AsyncClient, HTTPError
async with AsyncClient(proxy=proxy_url) as client:

Why it matters: Usually legitimate, but confirm the destinations are expected and no sensitive data leaves.

Fix: Confirm the destination hosts are expected and that no sensitive data is sent off-host.

How we determine this: deterministic static analysis (regex + AST), evidence-anchored, no code execution.