drift-mcp
Health Warn
- License — License: MIT
- Description — Repository has a description
- Active repo — Last push 0 days ago
- Low visibility — Only 6 GitHub stars
Code Fail
- rm -rf — Recursive force deletion command in package.json
- network request — Outbound network request in src/apiClient.ts
- process.env — Environment variable access in src/index.ts
- network request — Outbound network request in src/tools/getSpansByIds.ts
Permissions Pass
- Permissions — No dangerous permissions requested
This MCP server connects AI assistants to the Tusk Drift API, allowing users to seamlessly search, debug, and analyze their application's API traffic, HTTP requests, and distributed traces.
Security Assessment
Overall Risk: Medium. The tool requires a Tusk API key to function, which is securely handled via environment variables without any hardcoded secrets. To perform its core functions, it makes expected outbound network requests to the Tusk API (`api.usetusk.ai`). However, there is a critical red flag: a recursive force deletion command (`rm -rf`) was detected inside the `package.json` file. This is a dangerous practice that could lead to accidental local data loss during installation or execution if triggered unintentionally. Additionally, it requests no dangerous system permissions.
Quality Assessment
The project is actively maintained, with its most recent push occurring today. It is properly licensed under the standard MIT license, and the documentation is thorough and easy to follow. However, community trust and visibility are currently very low, as indicated by only having 6 GitHub stars. This means the codebase has not been broadly vetted by the open-source community.
Verdict
Use with caution—the core functionality is safe and standard, but you should manually inspect the `package.json` file to understand the potentially destructive `rm -rf` script before installing.
MCP server for querying Tusk Drift API traffic data
Tusk Drift MCP
An MCP server for querying API traffic data captured by Tusk Drift. This enables AI assistants to search, analyze, and debug your application's API traffic, including HTTP requests, database queries, and distributed traces.
New to Tusk Drift? Check out our docs and sign up for an account.
Setup
Option 1: Remote MCP Server (Recommended)
Connect directly to the hosted Tusk Drift MCP server. This is the easiest setup and doesn't require running anything locally.
For Cursor:
Add to your Cursor MCP settings (~/.cursor/mcp.json or workspace .cursor/mcp.json):
{
"mcpServers": {
"tusk-drift": {
"url": "https://api.usetusk.ai/api/drift-mcp",
"headers": {
"x-api-key": "YOUR_TUSK_API_KEY"
}
}
}
}
For Claude Code:
Option A — CLI command:
claude mcp add --transport http tusk-drift https://api.usetusk.ai/api/drift-mcp \
--header "x-api-key: YOUR_TUSK_API_KEY"
Option B — Add to .mcp.json in your project root:
{
"mcpServers": {
"tusk-drift": {
"type": "http",
"url": "https://api.usetusk.ai/api/drift-mcp",
"headers": {
"x-api-key": "YOUR_TUSK_API_KEY"
}
}
}
}
For Claude Desktop:
{
"mcpServers": {
"tusk-drift": {
"command": "npx",
"args": ["-y", "mcp-remote", "https://api.usetusk.ai/api/drift-mcp"],
"env": {
"MCP_HEADERS": "{\"x-api-key\": \"YOUR_TUSK_API_KEY\"}"
}
}
}
}
Option 2: Local Installation (via NPX)
Run the MCP server locally. This is useful if you need offline access or custom configuration.
For Claude Desktop / Cursor:
Add to your claude_desktop_config.json or Cursor MCP settings:
{
"mcpServers": {
"tusk-drift": {
"command": "npx",
"args": ["-y", "@use-tusk/drift-mcp"],
"env": {
"TUSK_API_KEY": "YOUR_TUSK_API_KEY"
}
}
}
}
Configuration (env vars for local installation)
| Variable | Required | Description |
|---|---|---|
TUSK_API_KEY |
Yes | Your API token |
TUSK_DRIFT_API_URL |
No | Backend base URL (defaults to https://api.usetusk.ai). Use origins like https://api.usetusk.ai or http://localhost:8000, not /api/drift-mcp. |
TUSK_DRIFT_SERVICE_ID |
No | Service ID (auto-discovered from .tusk/config.yaml if not set) |
TUSK_WORKSPACE_ROOTS |
No | Comma-separated workspace roots to search for .tusk/config.yaml files when auto-discovering services |
Available Tools
| Tool | Description |
|---|---|
query_spans |
Search API traffic with flexible filters |
get_schema |
Get structure/schema of captured traffic |
list_distinct_values |
Discover available endpoints and field values |
aggregate_spans |
Calculate latency percentiles, error rates, counts |
get_trace |
View distributed traces as hierarchical trees |
get_spans_by_ids |
Fetch specific spans with full payloads |
Support
Need help? Open an issue or contact us at [email protected].
License
Reviews (0)
Sign in to leave a review.
Leave a reviewNo results found