npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

safebase-mcp

v1.0.3

Published

MCP server for the SafeBase by Drata API

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

infracodebaseinfracodebase

Keywords

mcpsafebasedratatrust-centermodel-context-protocol

Readme

SafeBase MCP Server

Manage your SafeBase by Drata Trust Center programmatically from Claude — accounts, members, access requests, knowledge base, questionnaires, and trust center updates.

SafeBase API Docs | Get an API Key

Use Cases

  • Account management — Create, update, search, and delete Trust Center accounts and members
  • Access request triage — List pending requests and approve or decline them conversationally
  • Knowledge base Q&A — Search, create, and update KB entries from your editor
  • Trust center updates — Publish incident and compliance updates to your Trust Center
  • Questionnaire automation — Upload questionnaires and retrieve completed results
  • Org configuration — Inspect NDA settings, permission profiles, and products

Quickstart

[!NOTE] You need a SafeBase API key. Generate one from Settings > API Keys at app.safebase.io/orgsettings#api-keys.

Add to ~/Library/Application Support/Claude/claude_desktop_config.json:

{
  "mcpServers": {
    "safebase": {
      "command": "npx",
      "args": ["safebase-mcp"],
      "env": {
        "SAFEBASE_API_KEY": "your-api-key-here"
      }
    }
  }
}
claude mcp add safebase -e SAFEBASE_API_KEY=your-api-key-here -- npx safebase-mcp

Add to ~/.cursor/mcp.json:

{
  "mcpServers": {
    "safebase": {
      "command": "npx",
      "args": ["safebase-mcp"],
      "env": {
        "SAFEBASE_API_KEY": "your-api-key-here"
      }
    }
  }
}

Add to your VS Code settings (.vscode/mcp.json):

{
  "mcpServers": {
    "safebase": {
      "command": "npx",
      "args": ["safebase-mcp"],
      "env": {
        "SAFEBASE_API_KEY": "your-api-key-here"
      }
    }
  }
}

Add to ~/.codeium/windsurf/mcp_config.json:

{
  "mcpServers": {
    "safebase": {
      "command": "npx",
      "args": ["safebase-mcp"],
      "env": {
        "SAFEBASE_API_KEY": "your-api-key-here"
      }
    }
  }
}

Available Tools (33)

| Tool | Description | |------|-------------| | safebase_get_accounts | List/search accounts with filters (name, domain, member, status) and pagination | | safebase_create_account | Create a new account with domains, NDA provider, and permission profiles | | safebase_get_account_by_id | Get full details for a single account | | safebase_delete_account | Permanently delete an account | | safebase_edit_account | Update account fields (name, description, NDA, expiration) | | safebase_get_account_page_url | Get the private Trust Center sharing URL for an account |

| Tool | Description | |------|-------------| | safebase_search_account_members | Search members across accounts by email or Salesforce ID | | safebase_add_account_members | Add one or more members with optional invitation email | | safebase_delete_account_members | Remove members by email address | | safebase_notify_account_members | Send notification to members with optional custom message |

| Tool | Description | |------|-------------| | safebase_search_knowledge_base | Search KB entries by text query with product and pagination filters | | safebase_create_kb_entry | Create a Q&A entry with access level (public/private/internal) | | safebase_update_kb_entry | Update question, answer, comment, or access level |

| Tool | Description | |------|-------------| | safebase_get_access_requests | List access requests filtered by status (pending/approved/declined) | | safebase_approve_access_request | Approve a request under an existing or newly created account | | safebase_decline_access_request | Decline a request with optional notification message |

| Tool | Description | |------|-------------| | safebase_get_organization | Get org name, primary domain, and custom Trust Center domain | | safebase_get_organization_nda_settings | Get NDA provider configuration and defaults | | safebase_get_organization_settings | Get NDA, permission profiles, and access expiration settings | | safebase_get_organization_member_me | Get the current authenticated member's profile |

| Tool | Description | |------|-------------| | safebase_get_portal_products | List all products in the default portal with cards and compliance data | | safebase_get_products | List all organization products with visibility and card details |

| Tool | Description | |------|-------------| | safebase_upload_questionnaire | Upload a questionnaire file (xlsx/pdf/docx/csv/json/txt) for automated processing | | safebase_get_completed_questionnaire | Get a signed download URL for a completed questionnaire (60-min expiry) |

| Tool | Description | |------|-------------| | safebase_list_topics | List all Trust Center Update topics with their updates | | safebase_create_topic | Create a topic (compliance, vulnerabilities, incidents, subprocessors, general) | | safebase_get_topic_by_id | Get a topic and all its updates | | safebase_update_topic | Edit topic subject, category, or visibility | | safebase_delete_topic | Permanently delete a topic and its updates | | safebase_create_update | Publish an update via status page and/or email channels | | safebase_get_update_by_id | Get a single update | | safebase_edit_update | Edit an update's message | | safebase_delete_update | Permanently delete an update |

Examples

Triage pending access requests:

"Show me all pending access requests and approve any from @acme.com under the existing Acme account"

Search the knowledge base:

"Search the SafeBase knowledge base for entries about SOC 2 and update any that mention the old audit date"

Publish a trust center update:

"Create a new incident topic called 'Vendor Security Advisory' and publish an update to the status page saying we're investigating"

Manage account members:

"Add [email protected] and [email protected] to the Acme account and send them an invitation with a custom welcome message"

Configuration

| Environment Variable | Required | Description | |---------------------|----------|-------------| | SAFEBASE_API_KEY | Yes | Your SafeBase API key (generate one here) |

The API key is sent as the x-sb-api-key header on all requests to https://app.safebase.io/api/ext/v1/rest.

[!WARNING] Keep your API key secure. Do not commit it to version control. Use environment variables or your client's built-in secret management.

Troubleshooting

| Issue | Solution | |-------|----------| | SAFEBASE_API_KEY environment variable is required | Set the env var in your MCP client config or shell | | 403 Forbidden | API key is invalid or missing required scopes (e.g. accounts:view, accounts:edit) | | 404 Not Found | The resource ID doesn't exist or the API key doesn't have access | | Tools not appearing in client | Restart your MCP client after updating config. Check the config file path is correct. | | npx command not found | Ensure Node.js 18+ is installed: node --version |

License

This project is licensed under the GNU General Public License v3.0.