Lightning MCP Server
Advisory
Audited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A changed or compromised external package could run code in the MCP server position and see the Lightning node pairing phrase and returned financial data.
The recommended MCP registration runs an unpinned npm package/pre-built binary outside the reviewed artifacts. Because this server would handle Lightning pairing credentials and node data, the lack of pinning, checksum, or included server source is a material provenance concern.
Zero-install via npx (downloads pre-built binary):
claude mcp add --transport stdio lnc -- npx -y @lightninglabs/lightning-mcp-server
Prefer a reviewed local build from a verified source, pin the package version, and verify checksums or signatures before registering it with Claude Code.
Installing and using the skill means the MCP server and agent workflow can access sensitive Lightning node account context, even if the documented tools are read-only.
The pairing phrase/password is a sensitive delegated credential for connecting to an lnd node. This is expected for the skill’s purpose, but registry metadata declares no primary credential.
Agent calls `lnc_connect` with a pairing phrase and password
Use a least-privileged/read-only LNC pairing where possible, provide the pairing phrase only when needed, and revoke or rotate the pairing if you no longer trust the installed server.
Your Lightning node metadata and query timing may depend on the configured mailbox relay, even though the LNC tunnel is described as encrypted.
The skill routes the MCP server’s connection through an external LNC mailbox relay. The documentation says the tunnel is encrypted, and this is central to the purpose, but it is still an external communication path for node queries.
lightning-mcp-server <--LNC WebSocket--> Mailbox <--> lnd
Use the official production mailbox or a trusted relay, and avoid custom mailbox servers unless you control or trust them.
If installed globally, the Lightning MCP server may be available to Claude Code in projects where you did not intend to use Lightning node access.
The setup script can persistently add the MCP server to global Claude Code configuration, making it available across projects after restart. This is disclosed and user-directed, but it persists beyond a single task.
CONFIG_FILE="$HOME/.claude.json" ... UPDATED=$(echo "$CONFIG" | jq --argjson entry "$MCP_ENTRY" '.mcpServers.lnc = $entry')
Use project scope unless you need global access, and remove the `lnc` MCP entry from `.mcp.json` or `~/.claude.json` when no longer needed.
Using insecure mode with a real Lightning node could weaken connection security.
Development mode defaults to disabling TLS verification. The artifacts label this as development-only, so it is purpose-aligned, but unsafe if accidentally used for production.
dev)
MAILBOX="${MAILBOX:-mailbox.terminal.lightning.today:443}"
DEV_MODE="${DEV_MODE:-true}"
INSECURE="${INSECURE:-true}"
Keep `LNC_INSECURE=false` for production and only use insecure mode with local/regtest environments.
