Todo.txt-MCP
Verified Safeby ArnoNuyts
Overview
Manages todo.txt files via a Model Context Protocol (MCP) server, enabling AI agents to list, add, edit, and mark tasks as done, with support for local file or WebDAV storage.
Installation
deno run --allow-net --allow-read --allow-write --allow-env server.tsEnvironment Variables
- PORT
- TODOTXT_MCP_BACKEND
- TODOTXT_MCP_LOCAL_FILENAME
- TODOTXT_MCP_WEBDAV_URL
- TODOTXT_MCP_WEBDAV_USERNAME
- TODOTXT_MCP_WEBDAV_PASSWORD
Security Notes
The server utilizes Deno's permission model for controlled resource access (--allow-net, --allow-read, --allow-write, --allow-env). Input validation is performed using Zod, mitigating common injection risks. Sensitive WebDAV credentials are configured via environment variables or a local configuration file, avoiding hardcoding. WebDAV authentication uses standard Basic Auth, meaning credentials are sent base64-encoded over HTTPS, which is typical for WebDAV but less secure than token-based approaches. No `eval` or dynamic code execution patterns were found. Todo IDs use SHA-256 hashing (truncated) for identification.
Similar Servers
mcp-container-ts
Provides a secure, extensible Model Context Protocol (MCP) server using Node.js and TypeScript, designed to expose custom tools to LLMs, deployable on Azure Container Apps with robust JWT and RBAC security.
mcp-http-agent-md
This server acts as a central hub for AI agents, managing project knowledge (AGENTS.md), structured tasks, version history, and ephemeral scratchpads, with capabilities to spawn context-isolated subagents for focused tasks.
AI-Prompt-Guide-MCP
Orchestrates AI agents for project management and development workflows by linking structured markdown specifications and tasks.
todo-mcp-server
Provides autonomous task management and random string generation for AI agents via Model Context Protocol (MCP) using stdio or HTTP transports.