gradio-mcp-hack
Verified Safeby AubinSeptier
Overview
The MCP Server provides AI agents with tools to search for job offers and analyze resumes, specifically for job seekers.
Installation
python src/france-chomage-mcp-server/app.pyEnvironment Variables
- NEBIUS_API_KEY
Security Notes
The server uses `os.environ.get` for API keys (e.g., NEBIUS_API_KEY), avoiding hardcoded secrets. It relies on external libraries like `pdf2image` (requiring `poppler-utils`) and `jobspy` for PDF processing and web scraping, respectively. While these introduce dependencies that could have their own vulnerabilities, the server's code itself does not show immediate signs of `eval`, `exec`, or direct shell injection. Network requests are made to external LLM/VLM APIs (Nebius) and job boards (JobSpy), which is inherent to its functionality. The `BlaxelToolWrapper` in the agentic client part can convert local file paths to base64 for remote transmission, which could be a risk if arbitrary server-side paths were allowed as input, but in the context of the Gradio application, `gr.File` typically handles user uploads safely by providing temporary paths to the uploaded content.
Similar Servers
mcp_cafe
Simulates technical discussions with various AI agent personalities to aid in problem-solving and brainstorming.
searchcraft-mcp-server
An MCP server that enables AI agents to manage Searchcraft clusters by performing operations on indexes, documents, federations, authentication keys, analytics, and generating search applications from JSON data via natural language prompts.
skillz
Serves structured 'skills' and their associated resources via the MCP protocol, enabling AI clients (especially non-Claude ones) to interact with and utilize Anthropic-style functionalities.
juleson
An AI-powered coding agent and automation toolkit that integrates with Google's Jules AI via CLI and MCP for comprehensive software development workflows.