mcp-server
by Ryttis
Overview
A minimalist, stable kernel server providing a bounded execution environment for various tools via JSON-RPC over WebSocket, strictly separating business logic from side effects, primarily intended for AI agent integration.
Installation
node server.jsEnvironment Variables
- AUTH_TOKEN
- OPENAI_API_KEY
- ETNOLENTOS_PATH
- FACTURACORE_PATH
- DB_HOST
- DB_USER
- DB_PASS
- DB_NAME
- MCP_DATA_DIR
Security Notes
Critical vulnerabilities for Command Injection (`core.runCommand`), Arbitrary File Read/Write (`core.readFile`, `core.writeFile`), and potential SQL Injection (`core.dbQuery`). The `core.runCommand` tool passes user-controlled input directly to `child_process.exec` without sanitization. The `core.readFile` and `core.writeFile` tools allow reading/writing to arbitrary paths on the file system without proper root confinement. The `core.dbQuery` passes unsanitized SQL queries to the database. These tools lack necessary input validation and path confinement, making the server highly exploitable if exposed.
Similar Servers
athena-protocol
An intelligent MCP server that acts as an AI tech lead for coding agents, providing expert validation, impact analysis, and strategic guidance before code changes are made.
AI-Prompt-Guide-MCP
Orchestrates AI agents for project management and development workflows by linking structured markdown specifications and tasks.
ultrascript-tools-mcp
An expert developer tool for comprehensive code analysis, semantic search, refactoring, code modification, and automated documentation. It leverages AI and specialized runtime environments (Node.js/Bun) for high performance, featuring deep Git integration for branch-aware indexing and merge conflict resolution across multiple programming languages.
ai-control-framework
AI-powered development workflow management and prompt optimization, enforcing disciplined software development practices for AI coding agents.