Yes, Activitypub is free to use.

How do I install Activitypub?

Activitypub is a local plugin. Install it using npm package: activitypub-mcp and add the generated configuration snippet to your AI app's MCP config file. Then restart your AI app.

Is Activitypub safe to use?

Activitypub was flagged by MCP Marketplace's security scan, scoring 4.2/10 (high risk). It has 6 high or critical findings to review. Review the security report on this page carefully before installing it.

What credentials does Activitypub need?

Activitypub requires the following credentials or environment variables: ACTIVITYPUB_ENABLE_WRITES, LOG_LEVEL. You can find setup instructions on the server detail page.

What AI apps work with Activitypub?

Activitypub uses the Model Context Protocol (MCP) and works with any MCP-compatible AI app, including Claude, ChatGPT / Codex, Gemini, Copilot, Cursor, and more.

Back to Browse

Activitypub MCP Server

by Cameronrye

Developer ToolsUse Caution4.2MCP RegistryLocal

Free

Server data from the Official MCP Registry

Read-only-by-default MCP server: let LLMs explore the Fediverse — Mastodon, Misskey, Pleroma.

About

Read-only-by-default MCP server: let LLMs explore the Fediverse — Mastodon, Misskey, Pleroma.

Security Report

4.2

Use Caution4.2High Risk

The ActivityPub MCP server is a well-architected fediverse client with thoughtful security design, including read-only defaults, audit logging, and rate limiting. However, several moderate findings require attention: untrusted content handling could be more consistent, credential handling relies on environment variables without validation of expiration/rotation, and there are gaps in validation of user-supplied URLs and media. The server's security posture is reasonable for its purpose, but users should carefully review SECURITY.md before enabling writes. Supply chain analysis found 10 known vulnerabilities in dependencies (0 critical, 6 high severity). Package verification found 1 issue.

3 files analyzed · 19 issues found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

Permissions Required

This plugin requests these system permissions. Most are normal for its category.

env_vars

Check that this permission is expected for this type of plugin.

HTTP Network Access

Connects to external APIs or services over the internet.

File System Read

Reads files on your machine. Normal for tools that analyze or process local data.

File System Write

Writes or modifies files on your machine. Check that this is expected for the tool.

What You'll Need

Set these up before or after installing:

Enable write/mutation tools (post, reply, follow, boost, block). Off by default: read-only unless set to 'true'. See SECURITY.md.Optional

Environment variable: ACTIVITYPUB_ENABLE_WRITES

Logging verbosity: debug, info, warn, or error.Optional

Environment variable: LOG_LEVEL

How to Install

Add this to your MCP configuration file:

{
  "mcpServers": {
    "io-github-cameronrye-activitypub-mcp": {
      "env": {
        "LOG_LEVEL": "your-log-level-here",
        "ACTIVITYPUB_ENABLE_WRITES": "your-activitypub-enable-writes-here"
      },
      "args": [
        "-y",
        "activitypub-mcp"
      ],
      "command": "npx"
    }
  }
}

Reviews

No reviews yet

Be the first to review this server!

More Developer Tools MCP Servers

Git

Free

by Modelcontextprotocol · Developer Tools

Read, search, and manipulate Git repositories programmatically

Fetch

Free

by Modelcontextprotocol · Developer Tools

Web content fetching and conversion for efficient LLM usage

Toleno

Free

by Toleno · Developer Tools

Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.

Activitypub MCP Server

About

Security Report

Findings (19)Action required

Permissions Required

What You'll Need

How to Install

Reviews

No reviews yet

More Developer Tools MCP Servers

Git

Fetch

Toleno

mcp-creator-python

MarkItDown

FinAgent