
Research
Malicious npm Packages Impersonate Flashbots SDKs, Targeting Ethereum Wallet Credentials
Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.
mcp-search-console
Advanced tools
A Model Context Protocol (MCP) server for managing Google Search Console properties, sitemaps, and search analytics.
npm install -g mcp-search-console
Or use directly via npx:
npx mcp-search-console
Specify the path to your Google service account credentials. This can be done in two ways:
Set the GOOGLE_APPLICATION_CREDENTIALS
variable:
export GOOGLE_APPLICATION_CREDENTIALS=path/to/credentials.json
Create a .env
file with:
GOOGLE_APPLICATION_CREDENTIALS=path/to/credentials.json
The MCP provides the following Search Console functions:
search_console_api_list_sites
– List all sites with accesssearch_console_api_list_sitemaps
– List all sitemaps for a propertysearch_console_api_get_sitemap
– Details of a specific sitemapsearch_console_api_searchanalytics_query
– Retrieve search analytics data
HOUR
dimension and HOURLY_ALL
dataStateTo query hourly data, use the following parameters in your request:
{
"tool": "search_console_api_searchanalytics_query",
"parameters": {
"siteUrl": "https://example.com",
"requestBody": {
"startDate": "2025-04-07",
"endDate": "2025-04-07",
"dataState": "HOURLY_ALL",
"dimensions": ["HOUR"]
}
}
}
This returns results with timestamps per hour:
{
"rows": [
{
"keys": ["2025-04-07T00:00:00-07:00"],
"clicks": 17610,
"impressions": 1571473,
"ctr": 0.011206046810858348,
"position": 10.073871456906991
},
{
"keys": ["2025-04-07T01:00:00-07:00"],
"clicks": 18250,
"impressions": 1602341,
"ctr": 0.011389563095440307,
"position": 9.897654321098765
}
// ... more hours
]
}
You can also combine the HOUR dimension with other dimensions such as COUNTRY, DEVICE, etc.:
{
"tool": "search_console_api_searchanalytics_query",
"parameters": {
"siteUrl": "https://example.com",
"requestBody": {
"startDate": "2025-04-07",
"endDate": "2025-04-07",
"dataState": "HOURLY_ALL",
"dimensions": ["HOUR", "COUNTRY"]
}
}
}
search_console_api_list_crawl_errors
– List crawl errorssearch_console_api_get_crawl_error
– Details of a specific crawl errorsearch_console_api_mark_crawl_error_fixed
– Mark as fixedsearch_console_api_mobile_friendly_test
– Run a mobile-friendly test on a URLThis MCP works with Claude or other MCP Clients. Create a claude-mcp-config.json
with, for example:
{
"mcpServers": {
"google-search-console": {
"command": "npx",
"args": ["mcp-search-console"],
"cwd": "/tmp",
"env": {
"GOOGLE_APPLICATION_CREDENTIALS": "/path/to/your/credentials.json"
}
}
}
}
Replace /path/to/your/credentials.json
with the actual path to your Google service account credentials file.
cwd
parameter is important - it ensures the MCP runs in a clean directory.env
file is needed when using this configuration with ClaudeNO_COLOR
environment variable prevents color codes in the output, which can cause JSON parsing errors in Claudeclaude-mcp-config.json
file to Claude when starting a new conversationISC
FAQs
Google Search Console API tools via Model Context Protocol
The npm package mcp-search-console receives a total of 1 weekly downloads. As such, mcp-search-console popularity was classified as not popular.
We found that mcp-search-console demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.
Security News
Ruby maintainers from Bundler and rbenv teams are building rv to bring Python uv's speed and unified tooling approach to Ruby development.
Security News
Following last week’s supply chain attack, Nx published findings on the GitHub Actions exploit and moved npm publishing to Trusted Publishers.