mcp-server-cloudflare
by Scarmonit
Overview
A Model Context Protocol (MCP) server providing site monitoring, analytics, web diagnostics, and remote terminal agent management for AI clients like Claude.
Installation
npx tsx src/server.tsEnvironment Variables
- API_KEY
- WEBHOOK_SECRET
- NODE_ENV
- CF_API_TOKEN
- MCP_OBJECT
- TERMINAL_AGENT
Security Notes
CRITICAL SSRF VULNERABILITY: The 'web_scrape' and 'http_request' tools in `src/ai-enhanced-tools.ts` do not implement the robust Server-Side Request Forgery (SSRF) protections found in other tools. This allows a malicious actor or an AI agent to make requests to arbitrary internal IP addresses and reserved hostnames (e.g., cloud metadata endpoints, internal network services), potentially exposing sensitive information or facilitating further attacks. Additionally, the 'terminal_execute' tool, while core to the agent's function, allows arbitrary command execution, which needs strict control and auditing at the MCP client or AI level. All other network-related tools like 'check_site_health', 'dns_lookup', 'check_ssl', 'measure_performance', 'analyze_headers', 'whois_lookup', 'schedule_monitor', and 'scan_ports' properly implement SSRF protection.
Similar Servers
remote-mcp-oauth-github
Provides a Cloudflare Workers-based Model Context Protocol (MCP) server with GitHub OAuth for secure custom integrations with Claude.ai.
ClickUp-Taskmaster-Cloudflare-Remote-MCP
A remote MCP server allowing Claude.ai to manage ClickUp tasks and documents, deployed on Cloudflare Workers.
remote-mcp-server-authless
Deploying an unauthenticated Model Context Protocol (MCP) server on Cloudflare Workers, providing simple calculator tools to AI clients.
remote-mcp-server-authless
Provides an unauthenticated remote Model Context Protocol (MCP) server for integrating custom tools with AI models on Cloudflare Workers.