Does mcp-server-time send data, and where? — data-flow verdict
provisional · AUTOMATED — forensic confirmation pending. A preliminary, fact-based result, not a judgment.
100/100 integrity
100% evidence coverage
evidence-backed
Measures evidence support, not confidence — how this is scored
Verdict (the facts)
- Tool
- pip/mcp-server-time
- Integrity axis
- honest — Observed behaviour matches its description; no undisclosed recipient.
- Data-flow axis
- No network egress to external destinations was observed — the tool ran purely locally.
- Disclosure
- n/a — No external egress was observed; there is nothing to disclose.
- Capture self-test
- verified
- Severity
- none — integrity axis (no undeclared exfiltration; no egress at all).
- Version (pinned)
- 2026.6.4 · commit
- Content hash
- sha256:faa3e1d05bac91df70c60cdcfde0212f1858895edaa4bae1f708f479b8707cd5
- Signature
- ed25519:1BjariKeTWVQIXUbw/04gXXYhQxRgINaKeU9ye… · Ed25519 public key · sha256:49cf8457b42a7048
- Scanned
- 2026-06-13T00:00:00Z — Pinned to mcp-server-time@2026.6.4, published 2026-06-04. This verdict applies to that exact version; a newer release would require a re-scan.
- Re-verified
- 2026-06-14 — pinned version current
- Categories
- dev-tools no-egress published
- Observation history
- 1 scan(s); first seen 2026-06-13T00:00:00Z · latest 2026-06-13T00:00:00Z
Observed egress destinations
| host | country | jurisdiction | class | disclosure | frequency | kind |
|---|
Jurisdiction context:
Disclosure check (the §824 evidence)
- Read
- Quoted from the tool's own docs
- “”
- Match
- No external egress was observed; there is nothing to disclose.
- Residual gap
How we know this — claims by basis
A verdict is a reproducible evidence container, not just a claim. Each assertion is tagged: an observation is in the capture and reproducible; an inference is our reasoning over it; documented is the tool’s own statement; a classification is our adversarially-reviewed judgment. Observation never reads as inference.
Observed — directly in the capture, reproducible
- No network egress to an external destination was observed during the scan. — Capture self-test: verified — a decoy beacon emitted from the tool's own network context appeared in the intercept, so the absence is a verified negative, not a blind spot. (confidence: high)
Classified — our adversarially-reviewed judgment
- No telemetry, analytics or error-reporting side-channel was found. — Reviewed against the tool's observed behaviour in the run. (confidence: medium)
Method
Installed and run in an isolated container; fed traceable decoy data; all outbound traffic intercepted (TLS broken via own CA, iptables transparent redirect). A beacon self-test confirmed the capture was live.
Scope
Compares the tool's declared destinations against what was observed in one sandbox run. Checks transparency / integrity for a cooperative tool, NOT resistance to deliberate evasion. "honest"/"clean" means "observed without deviation within our reach", NOT "guaranteed no hidden egress".
Out of scope: exfiltration split/chunked across requests; tool-side encryption of the payload before egress; input/time/state-triggered processing not triggered in the run.
Machine-readable verdict: /verdict/time.json.
This page describes observed behaviour and its relation to the tool's own disclosures — it is not a legal judgment.
Search context: does mcp-server-time send data, mcp-server-time privacy, mcp-server-time data flow, mcp-server-time telemetry, where does mcp-server-time send data, is mcp-server-time safe, what data does mcp-server-time collect, how to disable mcp-server-time telemetry, mcp-server-time opt out tracking, mcp-server-time GDPR data residency, mcp-server-time third-party / jurisdiction.