mcp-server
by M0hitMehra
Overview
This server acts as a Model Context Protocol (MCP) provider, exposing MongoDB database operations (CRUD, listing databases/collections, and advanced identifier-aware search) as callable tools for AI agents.
Installation
tsx server.tsEnvironment Variables
- MONGODB_URI
- MONGO_DB_NAME
- GEMINI_API_KEY
- TRANSPORT
- HTTP_PORT
- DANGEROUSLY_OMIT_AUTH
Security Notes
CRITICAL: Hardcoded production MongoDB connection URI with username and password (`finconic-dev:f0WW8QlcQxZwErVq`) is present in both `dserver.js` and `server.ts`. The server exposes an unauthenticated HTTP API (if `TRANSPORT=http` or `HTTP_PORT` is set) with permissive CORS (`*`), allowing any client to invoke MongoDB CRUD and query tools with arbitrary arguments, directly leveraging these hardcoded, high-privileged credentials. The 'query-documents' tool's filter parameter accepts `z.record(z.any())`, enabling arbitrary MongoDB filter objects, which is extremely dangerous without robust authentication and authorization.
Similar Servers
mcp-server-typescript
Provides a Model Context Protocol (MCP) server to enable AI assistants to access DataForSEO's SEO data APIs through a standardized interface.
mcp_server_ts
Provides a Model Context Protocol (MCP) server that exposes defined tools (e.g., "create-user") for client applications.
personal-mcp
Provides an interface for AI agents to manage iCloud calendar events.
ts-mcp
Provides a server for the Minecraft Protocol, likely for custom game logic or proxying.