notes-mcp
by PanseBossuSmecheru
Overview
Connects Apple Notes on macOS to an MCP server, enabling seamless access and synchronization across various platforms.
Installation
node dist/index.jsSecurity Notes
The server's `executeOSAScript` function directly embeds user-controlled input (e.g., note names, bodies, folder IDs) into a shell command via `osascript`. Although there are attempts to escape double quotes and newlines, this method is highly susceptible to command injection. An attacker who can influence the content of notes or folder IDs could potentially execute arbitrary commands on the macOS system running the server, leading to critical system compromise. This represents a severe security vulnerability.
Similar Servers
bear-notes-mcp
This server connects Claude Desktop to Bear notes, enabling natural language querying and management of notes through a hybrid sync-safe approach.
mcp-notes
A local server for managing, searching, and organizing personal notes with structured tags and markdown support, integrated with Claude Desktop and a web interface.
notes-querier-mcp
A macOS Notes app MCP server for querying notes and folders via AppleScript.
AppleNotesMCP
Enables AI assistants to interact with Apple Notes on macOS, providing comprehensive notes management (CRUD) and advanced semantic search capabilities through Retrieval-Augmented Generation (RAG).