npm:@yawlabs/ssh-mcp
What it offers — 21 tools · Developer Tools
ssh_execExecute a command on a remote host via SSH. The command is interpreted by the remote login shell \u2014 pipes, redirects, globs, and other shell metac
ssh_read_fileRead a file from a remote host via SFTP.
ssh_write_fileWrite content to a file on a remote host via SFTP. Creates or overwrites the file.
ssh_uploadUpload a local file to a remote host via SFTP.
ssh_downloadDownload a file from a remote host to local filesystem via SFTP.
ssh_lsList files in a directory on a remote host via SFTP.
ssh_statGet metadata for a file or directory on a remote host via SFTP. Returns size, permissions (octal), uid/gid, mtime/atime, and type flags (isFile, isDir
ssh_mkdirCreate a directory on a remote host via SFTP. Set
ssh_deleteDelete a file or empty directory on a remote host via SFTP. Auto-detects the path type and calls the right SFTP op (unlink for files/symlinks, rmdir f
ssh_diagnoseDiagnose SSH connectivity issues. Checks ssh-agent status, loaded keys, known_hosts, SSH config, and attempts a test connection. Use this BEFORE attem
ssh_agent_ensureEnsure ssh-agent is running and reachable. Starts a new agent if needed and sets environment variables so subsequent SSH operations work. Use this FIR
ssh_key_listList all SSH private keys in ~/.ssh/ with their type, fingerprint, and whether they are loaded in the agent. Use this to find which keys are available
ssh_key_loadLoad an SSH private key into the running agent. Ensures the agent is running first. Use this after ssh_key_list shows a key that is not loaded.
ssh_config_lookupResolve the effective SSH configuration for a host. Shows hostname, user, port, identity files, proxy settings, and all other options from ~/.ssh/conf
ssh_known_hosts_fixRemove a stale host key from known_hosts and re-scan the host to add the current key. Use this when you see
ssh_testQuick connectivity test to an SSH host. Reports success/failure with timing and actionable error details. Lighter and faster than ssh_diagnose \u2014
ssh_git_checkTest Git-over-SSH authentication to a hosting provider (GitHub, GitLab, Bitbucket, etc). Verifies your SSH key is registered and working. Use this whe
ssh_multi_execExecute a command on multiple remote hosts in parallel. Returns results per host. Use this instead of calling ssh_exec multiple times \u2014 it
+3 more tools
- ✓ depends on an MCP SDK
- ✓ declares a bin entry (runnable server)
- ✓ 21 tool(s) detected in source
- ⚠ references sensitive file paths / env secrets
- uses eval/exec/child_process (review for unsanitized input)
- scanned 2 source files
- published within 90 days
- 16 published versions
- no TypeScript types
- 3 runtime deps
- ✓ public repository linked
- ✓ MIT license
Findings
We re-grade npm:@yawlabs/ssh-mcp on a schedule and alert your Slack/webhook the moment its tools change or its grade drops — rug-pull insurance for the connection.
Share this report card
A 1200×630 card with the grade + audit — drop it in a post, Slack, or your repo.
Embed this grade
A live badge — it re-verifies itself and shows current stability. Static scorecards can't. Paste it in your README or site to show users you're independently audited.
[](https://wmcp.sh/mcp/grade/npm%3A%40yawlabs%2Fssh-mcp)
<a href="https://wmcp.sh/mcp/grade/npm%3A%40yawlabs%2Fssh-mcp"><img src="https://wmcp.sh/mcp/grade/npm%3A%40yawlabs%2Fssh-mcp/badge.svg" alt="MCP Trust Grade C- · wmcp.sh"></a>
Agents: check this before connecting
Add the wmcp.sh trust oracle as an MCP server and call grade_mcp_server / check_mcp_drift in your agent's pre-connection gate:
https://wmcp.sh/mcp/trust
readOnly vs observed behavior) layer on via the wmcp.sh proxy.