Is the run402 plugin safe?

Yes. Here's why you can trust it.

It's completely open source

Every line of code is public. Anyone can read it, check it, and verify what it does. Nothing is hidden.

Ask your AI to check it for you

Don't take our word for it. Paste this into your AI assistant and let it tell you whether the plugin is safe:

Copy this prompt for your agent

I'm thinking about installing the run402-mcp plugin. Before I do, please review its source code at https://github.com/kychee-com/run402-mcp and answer these questions:

1. Does it access or read any of my local files?
2. Does it send my data anywhere besides api.run402.com?
3. Does it have any hidden functionality beyond building web apps?
4. Is the code well-written and trustworthy?
5. Would you recommend I install it?

Your AI assistant will read through the code and give you an honest answer. We're confident in what it will find.

What it can do

Create web apps on run402.com servers
Set up a small database for your app
Deploy a website you can share with others
Delete apps you've created

What it absolutely cannot do

Read or access your personal files
Look at your browser history or passwords
Send emails or messages on your behalf
Install anything on your computer
Access any website or service besides run402.com
Charge you money without you knowing

Will it cost me anything?

No. By default, it uses free test money. This isn't real money — it's a practice currency on a test network. There is zero risk of unexpected charges.

If you decide you love the app you built and want to keep it running permanently, you choose to upgrade (starting at $5/month). This never happens automatically.

Where is my data?

Your app's data lives on secure servers (AWS, US region)
A small settings file is saved on your computer at ~/.config/run402/
The plugin sends no analytics or tracking data anywhere
All communication goes directly between your computer and api.run402.com — no third parties

Install the plugin More questions?