Skip to content

node2flow-facebook-pages.md

Latest commit

 

History

History
617 lines (369 loc) · 15.2 KB

node2flow-facebook-pages.md

File metadata and controls

617 lines (369 loc) · 15.2 KB

🟠 node2flow-facebook-pages

MCP server for Facebook Pages API — manage posts, comments, photos, videos, insights, and Messenger conversations through 28 tools.

Features

  • Create, update, delete, and schedule posts
  • Upload photos and videos from URL
  • Comment management and moderation (reply, hide, delete)
  • Page insights and post analytics
  • Messenger conversations (list, read, send messages, typing indicator)
  • Multi-page support with per-page access tokens

28 Tools

Pages (3): List managed pages, get page info, get page access token Posts (6): List, get, create, update, delete, schedule posts Comments (5): List, create, reply, delete, hide/unhide comments Photos (3): Upload from URL, list, delete Videos (3): Upload from URL, list, delete Insights (4): Page insights, post insights, fan demographics, page views Conversations (4): List conversations, get messages, send message, typing indicator

Configuration

  • FACEBOOK_PAGE_ACCESS_TOKEN (required) — Page Access Token with pages_manage_posts, pages_manage_engagement, read_insights, pages_messaging permissions
  • FACEBOOK_PAGE_ID (optional) — Page ID, auto-detected from token if not set
Field Value
Grade C
Risk Score 40
Version smithery
Vendor Smithery
Source node2flow-facebook-pages
Scan Date 2026-04-19
Scanner tooltrust-scanner/v0.3.8

Findings Summary

Severity Count
Critical 0
High 5
Medium 10
Low 4
Info 28

Detailed Findings

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 AS-002 — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 AS-002 — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 AS-002 — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 AS-002 — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 AS-002 — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 AS-002 — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟠 🔑 AS-002 — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ AS-011 — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟠 🔑 AS-002 — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ AS-011 — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 AS-002 — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 AS-002 — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟠 🔑 AS-002 — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🟠 🔑 AS-002 — Excessive Permission Surface

Severity: High

Description: tool declares exec permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ AS-011 — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟠 🔑 AS-002 — Excessive Permission Surface

Severity: High

Description: tool declares network permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

🔵 ⚡ AS-011 — DoS Resilience — Missing Rate Limit / Timeout

Severity: Low

Description: tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

Recommendation: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 AS-002 — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

🟡 🔑 AS-002 — Excessive Permission Surface

Severity: Medium

Description: tool declares fs permission

Recommendation: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

AS-014 — DEPENDENCY_INVENTORY_UNAVAILABLE

Severity: Info

Description: Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

Recommendation: Review and remediate the identified issue.

Scored using ToolTrust methodology · Raw JSON report