MCP-Server-Client
by DCode-v05
Overview
An advanced AI assistant enabling natural language interaction (reading, analyzing, modifying) with local Excel spreadsheets via Google Gemini and the Model Context Protocol (MCP).
Installation
python -m backend.mainEnvironment Variables
- GEMINI_API_KEY
Security Notes
The FastAPI backend configures CORS with `allow_origins=['*']`, which is a critical security vulnerability for any deployment exposed to the internet, allowing arbitrary domains to make cross-origin requests. Although the LLM's file operations are sandboxed to the `excel_data/` directory (preventing directory traversal), this broad CORS policy could enable an unauthenticated attacker to make requests that control the LLM's tool calls, potentially leading to unauthorized modification or deletion of Excel data within the allowed directory. No explicit `eval()` or code obfuscation found.
Similar Servers
excel-mcp-server
This server allows AI agents to manipulate Excel files (create, read, update, format, chart, pivot, validate) without requiring Microsoft Excel to be installed.
mcp-google-sheets
Acts as an AI assistant's gateway to Google Sheets for automation and data manipulation.
gemini-flow
An AI workflow orchestration and execution platform that enables visual programming and integrates with Google's Gemini and Vertex AI services.
mcp-server-excel
Automate Microsoft Excel operations through natural language commands for AI assistants or via a command-line interface, including Power Query, DAX measures, VBA macros, PivotTables, Charts, Ranges, and Worksheets.