linkedin-mcp-server
by Jing-yilin
Overview
Provides a Model Context Protocol (MCP) server for accessing LinkedIn data via the HarvestAPI service.
Installation
node build/index.jsEnvironment Variables
- HARVESTAPI_API_KEY
- LINKEDIN_API_KEY
- PROXY_URL
- HTTP_PROXY
- HTTPS_PROXY
Security Notes
The server has a critical path traversal vulnerability. The `save_dir` parameter, available in most tools, takes an unsanitized string which is then used in `fs.writeFileSync(path.join(dir, filename))`. An attacker or malicious LLM prompt could provide a `save_dir` like `../../../../../tmp` to write files to arbitrary locations on the host system, potentially leading to data corruption, information disclosure, or even remote code execution if combined with writing an executable file to a known execution path.
Similar Servers
ms-365-mcp-server
Interacting with Microsoft 365 and Office services through the Graph API via a Model Context Protocol (MCP) server.
mcp-omnisearch
Provides a unified interface for various search, AI response, content processing, and enhancement tools via Model Context Protocol (MCP).
linkedin-mcp-server
This server acts as a Model Context Protocol (MCP) tool to enable LLMs to interact with the LinkedIn API for professional network data retrieval and interaction.
webscraping-ai-mcp-server
Integrates with WebScraping.AI to provide LLM-powered web data extraction, including question answering, structured data extraction, and HTML/text retrieval, with advanced features like JavaScript rendering and proxy management.