ToolTrust
Grade D (55/100)
Smithery

betterstack

mcp, smithery

@Smithery

Monitor system availability, manage incident response workflows, and query telemetry data via SQL. Visualize logs, traces, and metrics with custom dashboards and interactive charts. Automate on-call scheduling and status page updates to keep teams informed during outages.

By Smithery | 138 findings | Scanned 4/19/2026 | tooltrust-scanner/v0.3.8

18 High | 29 Medium | 16 Low | 75 Info

Risk Summary

Block in Production

Dependency visibility and excessive permissions risk is significant. Avoid using this tool in production agents.

Potential impact: This finding indicates the tool should be reviewed before it is trusted.

Recommended action: This tool should stay disabled in production agents until the flagged risks are fixed and the scan is clean.

{
  "mcpServers": {
    "betterstack": {
      "disabled": true
    }
  }
}

Security Findings (138)

  • High AS-002

    ⚠️ Excessive Permissions ×16

    tool declares network permission

    telemetry_query, telemetry_chart, uptime_list_monitors_tool, telemetry_build_explore_query_tool, telemetry_build_metric_query_tool, telemetry_create_application_tool, telemetry_create_cloud_connection_tool, telemetry_create_source_tool, telemetry_get_errors_query_instructions_tool, telemetry_get_metric_query_instructions_tool, telemetry_get_query_instructions_tool, telemetry_get_replays_query_instructions_tool, better_stack_search_documentation_tool

    tool declares exec permission

    telemetry_query, telemetry_chart, uptime_create_incident_tool

    Fix: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

  • High AS-010

    🔑 Insecure Secret Handling ×2

    input parameter "password" appears to accept a secret or credential

    telemetry_query, telemetry_chart

    Fix: Avoid accepting raw credentials as input parameters. Use secret managers (e.g. 1Password CLI, AWS Secrets Manager) and ensure credentials are never logged or stored in agent traces.

  • Medium AS-002

    ⚠️ Excessive Permissions ×29

    tool declares db permission

    telemetry_query, telemetry_chart, telemetry_add_chart_to_dashboard_tool, telemetry_build_explore_query_tool, telemetry_build_metric_query_tool, telemetry_create_cloud_connection_tool, telemetry_edit_chart_tool, telemetry_get_chart_details_tool, telemetry_get_errors_query_instructions_tool, telemetry_get_metric_details_tool, telemetry_get_metric_query_instructions_tool, telemetry_get_query_instructions_tool, telemetry_get_replays_query_instructions_tool, telemetry_get_source_fields_tool, telemetry_list_clusters_tool

    tool declares fs permission

    uptime_create_incident_comment_tool, uptime_create_incident_tool, uptime_create_status_page_report_tool, uptime_create_status_page_report_update_tool, uptime_get_status_page_report_update_tool, uptime_list_status_page_report_updates_tool, telemetry_create_application_tool, telemetry_create_cloud_connection_tool, telemetry_create_dashboard_tool, telemetry_create_source_tool, telemetry_remove_chart_tool, telemetry_remove_dashboard_section_tool, telemetry_remove_dashboard_tool, telemetry_update_error_state_tool

    Fix: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

  • Low AS-011

    ℹ️ Missing Rate-Limit / Timeout ×14

    tool performs network or execution operations but declares no rate-limit, timeout, or retry configuration

    telemetry_query, telemetry_chart, uptime_create_incident_tool, uptime_list_monitors_tool, telemetry_build_explore_query_tool, telemetry_build_metric_query_tool, telemetry_create_application_tool, telemetry_create_cloud_connection_tool, telemetry_create_source_tool, telemetry_get_errors_query_instructions_tool, telemetry_get_metric_query_instructions_tool, telemetry_get_query_instructions_tool, telemetry_get_replays_query_instructions_tool, better_stack_search_documentation_tool

    Fix: Declare explicit rate-limit, timeout, and retry configuration for all network and execution tools. Implement exponential back-off and surface resource state to the calling agent.

  • Low AS-002

    ⚠️ Excessive Permissions ×2

    input schema exposes 12 properties (threshold: 10)

    uptime_create_incident_tool

    input schema exposes 13 properties (threshold: 10)

    uptime_escalate_incident_tool

    Fix: Tool requests broad permissions (exec/fs/network). Validate input parameters using Enums where possible, and restrict file system operations to explicit allowed directories.

  • Info AS-014

    ℹ️ Dependency Inventory Unavailable ×75

    Tool did not expose metadata.dependencies or repo_url, so supply-chain coverage is limited.

    telemetry_query, telemetry_chart, uptime_acknowledge_incident_tool, uptime_create_incident_comment_tool, uptime_create_incident_tool, uptime_escalate_incident_tool, uptime_get_incident_comments_tool, uptime_get_incident_tool, uptime_get_incident_escalation_options_tool, uptime_get_incident_timeline_tool, uptime_list_incidents_tool, uptime_resolve_incident_tool, uptime_get_escalation_policy_tool, uptime_get_severity_tool, uptime_list_escalation_policies_tool, uptime_list_severities_tool, uptime_get_monitor_availability_tool, uptime_get_monitor_tool, uptime_get_monitor_response_times_tool, uptime_list_monitors_tool, uptime_get_heartbeat_availability_tool, uptime_get_heartbeat_tool, uptime_list_heartbeats_tool, uptime_get_on_call_tool, uptime_get_on_call_event_tool, uptime_get_on_call_rotation_tool, uptime_list_on_call_events_tool, uptime_list_on_calls_tool, uptime_create_status_page_report_tool, uptime_create_status_page_report_update_tool, uptime_get_status_page_tool, uptime_get_status_page_resources_tool, uptime_get_status_page_report_update_tool, uptime_list_status_page_reports_tool, uptime_list_status_pages_tool, uptime_list_status_page_report_updates_tool, telemetry_add_chart_to_dashboard_tool, telemetry_add_dashboard_section_tool, telemetry_build_explore_query_tool, telemetry_build_metric_query_tool, telemetry_create_application_tool, telemetry_create_cloud_connection_tool, telemetry_create_dashboard_tool, telemetry_create_source_tool, telemetry_edit_chart_tool, telemetry_export_dashboard_tool, telemetry_get_application_details_tool, telemetry_get_chart_building_instructions_tool, telemetry_get_chart_details_tool, telemetry_get_dashboard_details_tool, telemetry_get_error_details_tool, telemetry_get_errors_query_instructions_tool, telemetry_get_metric_details_tool, telemetry_get_metric_query_instructions_tool, telemetry_get_metrics_and_cardinality_tool, telemetry_get_query_instructions_tool, telemetry_get_replays_query_instructions_tool, telemetry_get_source_details_tool, telemetry_get_source_fields_tool, telemetry_import_dashboard_tool, telemetry_list_applications_tool, telemetry_list_clusters_tool, telemetry_list_dashboard_templates_tool, telemetry_list_dashboards_tool, telemetry_list_data_regions_tool, telemetry_list_releases_tool, telemetry_list_sources_tool, telemetry_list_teams_tool, telemetry_move_charts_tool, telemetry_remove_chart_tool, telemetry_remove_dashboard_section_tool, telemetry_remove_dashboard_tool, telemetry_rename_dashboard_tool, telemetry_update_error_state_tool, better_stack_search_documentation_tool

    Fix: Review and remediate the identified issue.

Scan this tool yourself

Reproduce this audit locally, integrate into CI, or let your agent audit its own tools.

Install once, then scan any MCP server:

$ curl -sfL https://raw.githubusercontent.com/AgentSafe-AI/tooltrust-scanner/main/install.sh | bash
$ tooltrust-scanner scan --server "npx -y betterstack"

Adjust the package name if your npm registry name differs from the tool ID.

Add badge to your README

Copy this Markdown to show your ToolTrust grade on GitHub.

[![ToolTrust Grade D](https://raw.githubusercontent.com/AgentSafe-AI/tooltrust-directory/main/docs/badges/grade-d.svg)](https://github.com/AgentSafe-AI/tooltrust-directory)