MCP_Server_v1
by PareshKolte1
Overview
An API server for integrating with SAP systems, specifically for sales order creation, and provides a generic tool registration and invocation layer.
Installation
python server.pyEnvironment Variables
- SAP_API_BASE_URL
- SAP_USERNAME
- SAP_PASSWORD
- DESTINATION_NAME
- PORT
- VCAP_SERVICES
Security Notes
The `SapClientCF` class uses `verify=False` in `requests` calls for both CSRF token fetching and sales order posting, disabling SSL certificate verification and making the application highly vulnerable to Man-in-the-Middle (MITM) attacks. The `/v1/tools/invoke/{tool_name}` endpoint in `main.py` is vulnerable to Server-Side Request Forgery (SSRF) as it allows arbitrary URL invocation based on user-registered tool configurations without validation or restrictions, potentially exposing internal network resources. Error messages might expose sensitive internal details. Hardcoded `sap-client` values are present.
Similar Servers
prometheus-mcp-server
Enables AI assistants to query and analyze Prometheus metrics through a Model Context Protocol (MCP) server.
lex
Provides a UK legal research API with advanced search capabilities (semantic, keyword, reference) across legislation, caselaw, amendments, and explanatory notes, optimized for AI agents via MCP integration. It processes and indexes millions of legal documents using hybrid vector search and AI-generated summaries/explanations, supporting large-scale legal data analysis.
cpi-mcp-server
The MCP server provides AI-powered applications with access to integration packages and artifacts within an SAP Cloud Integration tenant.
mcp-code-exec-python
A Model Context Protocol (MCP) server designed to execute arbitrary Python code and install packages, primarily for integration with Heroku and AI agents.