Security Report

ActiveCampaign MCP Security Report

Independent security and governance assessment · Assessed June 24, 2026

Security

Compliance

MCPForge Score

Security Findings

Security

+Server reachable and responding

+No destructive operations detected

−Credentials Vault not configured — API keys may be exposed through direct agent access if tools require authentication

Compliance

−User/contact data handling detected (GDPR/CCPA obligations)

−Credentials Vault not configured — configure to ensure proper server-side key management

Risk Analysis

251 tools analyzed

High Risk46

Medium Risk90

Low Risk115

By Category

Delete44

Admin2

Write90

○No approval workflows configured

Governance Assessment

Formal Security Review

Not Started

Credentials Vault✗ Not Configured

Endpoint ProtectionNot Enabled

Audit Logging✓ Active — All tool invocations logged

Agent Reliability Assessment

Description Quality

211/211 tools have descriptions · avg 35 chars

100/100

Excellent

Output SanitizationPASS

Agent Reliability Score

99/100 · Excellent

Production Readiness

Verified — Production Ready

MCPForge Score

→Configure the Credentials Vault to protect API keys from direct agent exposure.

→Enable endpoint protection to require API key authentication on direct MCP calls.

→Start a formal Security Review to qualify for the "✓ Security Reviewed" badge.

→Review the 46 high-risk tools and configure approval workflows where appropriate.