mcp-recipe-collector
Verified Safeby Letitia-May
Overview
A Model Context Protocol (MCP) server that acts as a proxy for AI assistants to search, retrieve, and add recipes to a local recipe API.
Installation
node index.tsEnvironment Variables
- OPENAI_API_KEY
Security Notes
The MCP server makes HTTP requests to a local recipe API (http://127.0.0.1:8080). For the 'searchRecipes' tool, the user-provided 'term' parameter is directly interpolated into the URL query string. If the underlying recipe API does not implement robust input sanitization for this 'query' parameter, it could be vulnerable to injection attacks (e.g., SQL injection, command injection) if a sophisticated attacker compromises the client interacting with this MCP server. The 'id' parameter for 'getRecipeById' is validated as a number using Zod, mitigating direct injection risk for that endpoint. No obvious hardcoded secrets or malicious patterns were found in the provided source code.
Similar Servers
boilerplate-mcp-server
Provides a production-ready foundation for developing custom Model Context Protocol (MCP) servers in TypeScript to connect AI assistants with external APIs and data sources, exemplified by an IP geolocation tool.
mcp-typescript-starter
A feature-complete Model Context Protocol (MCP) server template in TypeScript demonstrating all major MCP features for AI assistant interaction.
family-serve-delicious
AI-driven, constraint-aware meal planning for families and groups using local LLM models.
mcp-server-template-nodejs-19
A TypeScript template for building Model Context Protocol (MCP) servers to enable communication with AI assistants and other MCP clients.