Box MCP Server
MCP server for searching and reading files in Box cloud storage
Server Info
- Package: box-mcp-server
- Registry: npm
- Repository: hmk/box-mcp-server
- Maintainer: Community
- Category: Document Management
- Tags: files, content, enterprise
- Last Scanned: 7 Apr 2026
Findings
5 issues
Authentication & Identity
HIGH: No per-request auth - requires instance-per-user
Stdio-only transport. Auth to Box API via developer token (BOX_DEV_TOKEN) or JWT auth (BOX_JWT_CONFIG_PATH or BOX_JWT or BOX_JWT_BASE64 combined with BOX_USER_ID). Multiple auth methods supported but all through env vars. No MCP OAuth or HTTP transport. For multi-tenant deployment, the platform must spawn a separate server instance per user.
Add HTTP/SSE transport to accept per-request Authorization headers, or implement the MCP OAuth spec.
Tool Schema Quality
MEDIUM: Only 0 of 2 schemas have parameter constraints
Most schemas lack maxLength, enum, or pattern constraints on string parameters.
Add constraints to string parameters, especially on write operations.
Data Exposure
LOW: No field selection on responses
Responses return full records rather than projected fields.
Implement field selection to return only relevant fields.
Maintenance & Trust
LOW: Community-maintained by @hmk (individual developer)
No official vendor backing.
Seek vendor verification.
HIGH: 13 dependency vulnerabilities (1 critical, 5 high)
npm audit found 1 critical and 5 high severity CVEs.
Run `npm audit fix` and update vulnerable dependencies.
Tools
2 total

| Name | Description | Risk |
|---|---|---|
| search | Search for files and folders across all of Box (not limited to root folder). Returns URIs that can be used with resource commands. | read |
| read | Read the content of a Box file directly | read |
Deploy Box MCP Server securely
CompleteFlow adds per-user authentication, permission scoping, and audit logging to any MCP server out of the box.