mcp_project
Verified Safe by AlexandrosMelis
Overview
An AI-powered chatbot for searching, extracting, and summarizing academic papers using the Model Context Protocol (MCP).
Installation
npx @modelcontextprotocol/inspector uv run src/research_server.py
Environment Variables
- ANTHROPIC_API_KEY
Security Notes
The `extract_info` tool takes a `paper_id` as input, which is then used as a dictionary key to search within `papers_info.json` files. While the `topic` parameter for file path construction is sanitized (`lower().replace(" ", "_")`), direct user input for `paper_id` is not explicitly validated against path traversal characters. However, its use as a dictionary key rather than directly in file paths mitigates direct arbitrary file reading/writing. The server also uses `ANTHROPIC_API_KEY` from environment variables, which is a good practice. No 'eval' or other highly dangerous patterns were observed. Overall, it's moderately safe, but careful input sanitization for `paper_id` as a dictionary key is still recommended for robustness against potential argument injection attacks if the `papers_info.json` could be malformed or manipulated.
Similar Servers
mcp-typescript-template
This server acts as a template for building remote Model Context Protocol (MCP) servers using TypeScript, handling MCP tool registration and session management over HTTP.
django-ai-boost
Provides a Model Context Protocol (MCP) interface for Django applications, allowing AI assistants to introspect project details like models, URLs, settings, and database schema.
inspector
Interactive developer tool for testing and debugging MCP (Model Context Protocol) servers, with support for MCP-UI and OpenAI Apps SDK widgets.
mcp-servers
Provides current weather conditions and forecasts from the Open-Meteo API for a given geographical location.