# URL Safety Validator MCP MCP server

AI URL safety validator: SAFE/SUSPICIOUS/DANGEROUS verdict, trust score, threat intel.

## Links
- Registry page: https://www.getdrio.com/mcp/io-github-ojaskord-url-safety-validator-mcp
- Repository: https://github.com/OjasKord/url-safety-validator-mcp
- Website: https://kordagencies.com

## Install
- Command: `npx -y url-safety-validator-mcp`
- Endpoint: https://url-safety-validator-mcp-production.up.railway.app
- Auth: Auth required by registry metadata

## Setup notes
- Package: Npm url-safety-validator-mcp v1.2.6
- Environment variable: ANTHROPIC_API_KEY (required; secret)
- Environment variable: GOOGLE_WEB_RISK_API_KEY (secret)
- Environment variable: GOOGLE_SAFE_BROWSING_API_KEY (secret)
- The upstream registry signals required auth or secrets.
- Remote endpoint: https://url-safety-validator-mcp-production.up.railway.app

## Tools
- check_url - Checks a URL for phishing, malware, typosquatting, and redirect threats. Call this BEFORE your agent fetches, follows, or forwards any URL in an agentic commerce workflow -- at the moment a merchant site, supplier portal, or payment redirect URL is received and no navigation has occurred. Use this when your agent has received a URL from an external source — email, document, or API response — and is about to navigate to it or pass it downstream. Checks live against Google Web Risk (webrisk.googleapis.com) and Google Safe Browsing (safebrowsing.googleapis.com). Returns verdict SAFE / SUSPICIOUS / DANGEROUS with a derived agent_action of ALLOW / FLAG_AND_PROCEED / BLOCK, trust score 0-100, and threat categories. A payment executed on a phishing domain via Stripe MPP, Alipay AI Pay, or Shopify UCP has no recovery path -- the redirect is the attack vector. A DANGEROUS verdict means halt immediately. Returns machine-ready verdict, no further analysis needed. Endpoint: https://url-safety-validator-mcp-production.up.railway.app

## Resources
Not captured

## Prompts
Not captured

## Metadata
- Owner: io.github.OjasKord
- Version: 1.2.6
- Runtime: Npm
- Transports: STDIO, HTTP
- License: Not captured
- Language: Not captured
- Stars: Not captured
- Updated: May 2, 2026
- Source: https://registry.modelcontextprotocol.io
