Sefaria MCP Server
PassAudited by ClawScan on May 1, 2026.
Overview
The skill is a coherent Sefaria text-access integration, with the main caution being that it asks users to run an external npm MCP server package.
This appears safe for its stated purpose. Before installing, confirm that the npm package and linked GitHub repository are the ones you intend to trust, and avoid entering private information into religious-text search queries unless you are comfortable with how the MCP server and Sefaria handle them.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the skill as documented may execute code from the npm package rather than code reviewed in this artifact set.
The skill is instruction-only and directs users to install or run an external npm package that is not included in the provided artifacts. This is expected for an MCP-server integration, but package provenance/version should be checked.
npm install -g sefaria-mcp-server ... "command": "npx", "args": ["-y", "sefaria-mcp-server"]
Verify the npm package and linked GitHub repository, consider pinning a trusted version, and install only if you trust that package maintainer.
Queries sent through this MCP server may be processed by the server and potentially by Sefaria-related services.
The skill adds an MCP server that receives user requests and returns content from Sefaria-oriented tools. This is the intended function and no credential or private-data handling is shown.
Access Jewish texts ... via MCP ... Tools: get_text, search, get_links, get_parsha, get_calendars
Avoid sending private or sensitive personal information in search queries unless you trust the MCP server and its upstream service behavior.