ebay-assistant-mcp: why it is not safe to use
ebay-assistant-mcp passed our review (88/100); one caveat: it can make money-affecting eBay changes, so scope its OAuth token carefully.
What we found
**ebay-assistant-mcp** (YosefHayim/ebay-mcp) passed our security and privacy review with a score of 88/100. It is open-source (MIT), runs locally, and communicates only with eBay's own production and sandbox APIs over HTTPS. We saw no prompt-injection patterns, no hardcoded secrets, no cloud relay or telemetry, and no shell-out or file-wiping commands. Credentials (Client ID/Secret and OAuth refresh tokens) are written by the setup wizard to a local `.env` file and stay on your machine.
Our one caveat is scope. The skill exposes eBay's full Sell API, including write actions: creating, revising, and ending listings, running campaigns, and processing refunds. OAuth scopes and tool gating limit the blast radius, but an AI agent could still make money-affecting changes to a connected account.
What to do instead
This is a use-with-care approval, not a rejection. Start in eBay's sandbox to confirm behavior. When you go live, grant the narrowest OAuth scopes you need, keep your `.env` out of version control, and consider requiring confirmation before write actions such as refunds or listing changes.
Source: https://github.com/YosefHayim/ebay-mcp
We report what our security review found at the time we checked, with the goal of keeping people safe. Projects change; if a maintainer has since fixed this, we are glad to recheck it. Email hello@agentpod.com.