Zapier MCP
Review
Audited by ClawScan on May 10, 2026.
Overview
This appears to be a legitimate Zapier integration, but it stores a powerful Zapier MCP URL and can expose broad app actions without tight origin or action-safety boundaries.
Install only if you intentionally want your agent to use Zapier. Before connecting, limit Zapier MCP to specific low-risk actions, verify the MCP URL is from zapier.com, and treat the saved URL as a secret credential.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If broad Zapier actions are exposed, an agent mistake or ambiguous instruction could change external accounts, send messages, or create business records.
The documented examples show the agent can use Zapier tools to send email, post messages, and create records/events in third-party apps.
mcporter call zapier-mcp.gmail_send_email ... / google_sheets_create_row ... / google_calendar_create_event ...
Expose only the Zapier actions you actually want the agent to use, and require explicit confirmation before sending messages, creating records, or touching financial/business systems.
A mistaken or deceptive URL could register a non-Zapier MCP server under the Zapier name, letting an unexpected remote endpoint define tools and receive tool-call instructions.
The backend only enforces HTTPS and does not restrict the configured MCP server to Zapier’s documented actions.zapier.com/mcp origin.
if (!mcpUrl.startsWith("https://")) { ... error: "MCP URL must use HTTPS" }
Verify that the URL begins with the official Zapier MCP origin; the implementation should restrict or clearly warn on non-Zapier MCP URLs.
Anyone who gets the MCP URL may be able to access the Zapier actions configured for that URL.
The MCP URL acts as an authentication secret for the user’s configured Zapier actions, even though registry metadata lists no primary credential.
Zapier MCP uses a simple URL-based authentication — just paste your MCP URL and you're connected.
Treat the MCP URL like an API key: do not share it, avoid screenshots/logs that reveal it, and regenerate it in Zapier if exposed.
