LamPyrid
Verified Safeby RadCod3
Overview
Automate personal finance workflows and analysis by integrating with Firefly III personal finance software via a Model Context Protocol (MCP) server.
Installation
docker compose up -dEnvironment Variables
- FIREFLY_BASE_URL
- FIREFLY_TOKEN
Security Notes
The server correctly uses environment variables for sensitive API tokens (`FIREFLY_TOKEN`). Google OAuth is an optional feature with secure token persistence using Fernet encryption and JWT signing keys, which are generated externally. Input sanitization (`FireflyClient._sanitize_value`) is implemented for search queries to mitigate potential injection risks into the Firefly III API query string. There are no obvious hardcoded secrets or direct command execution vulnerabilities in the provided source code. Relying on custom sanitization always carries a slight risk if edge cases are missed, but the current implementation appears robust for its intended purpose.
Similar Servers
fastmcp
FastMCP is an ergonomic interface for the Model Context Protocol (MCP), providing a comprehensive framework for building and interacting with AI agents, tools, resources, and prompts across various transports and authentication methods.
finance-trading-ai-agents-mcp
A specialized MCP server for financial analysis and quantitative trading, designed to deploy local financial MCP services with a departmental architecture for LLM integration and algorithmic trading.
firecrawl-mcp-server
A Model Context Protocol (MCP) server that provides web scraping, crawling, search, and structured data extraction capabilities using the Firecrawl API.
mcp-finance-intel
A financial intelligence MCP server providing structured market analysis and insights for crypto and equities, designed for LLM and human developer consumption.