clickup-mcp-server
Verified Safeby Chisanan232
Overview
Facilitate AI-enabled applications interacting with the ClickUp API through a standardized Model, Capability, Protocol (MCP) server.
Installation
docker run -d -p 8000:8000 -e CLICKUP_API_TOKEN=your_token_here chisanan232/clickup-mcp-serverEnvironment Variables
- CLICKUP_API_TOKEN
Security Notes
The server uses `SecretStr` for API tokens and retrieves them from environment variables or .env files, which is good practice. However, the default CORS configuration allows all origins (`*`) and credentials (`true`), which is a significant security risk if the server is publicly exposed without adjusting these settings. Additionally, the webhook ingress endpoint (`/webhook/clickup`) appears to lack explicit signature verification for incoming payloads, making it vulnerable to spoofed events. For production deployment, strict CORS policies and webhook signature validation are critical to implement.
Similar Servers
zeromcp
A minimal, pure Python Model Context Protocol (MCP) server for exposing tools, resources, and prompts via HTTP/SSE and Stdio transports.
pypi-query-mcp-server
A Model Context Protocol (MCP) server for querying PyPI package information, dependencies, and compatibility checking, assisting AI agents in Python development workflows.
click-mcp
A Python library that enables AI agents to interact with Click CLI applications by converting commands into Model Context Protocol (MCP) tools.
mcp-servers
Provides an MCP server for Qdrant vector database integration, enabling AI agents to perform semantic search, store documents, and manage collections with advanced multi-tenant filtering capabilities.