KOmcp
Verified Safeby TillMatthis
Overview
Provides a secure, OAuth2-authenticated Model Context Protocol (MCP) server that enables LLM applications like Claude to manage (create, search, retrieve, delete) Kura notes via API calls.
Installation
npm run devEnvironment Variables
- BASE_URL
- KOAUTH_URL
- KOAUTH_JWKS_URL
- KOAUTH_CLIENT_REGISTRATION_URL
- KURA_DATABASE_URL
- KURA_URL
Security Notes
The server demonstrates robust security practices: Fastify with Helmet, CORS (configurable origins), and Rate Limiting. OAuth2 token validation is thorough, using JWKS for signature verification and checking issuer, audience, and expiration. Role-based access control is enforced via `requireScopes` middleware. Logging (Pino) is structured and redacts sensitive data like Authorization headers. Docker deployment uses a non-root user. Critically, KOmcp interacts with Kura via its HTTP API (`KuraClient` uses `fetch`), shifting direct database access and potential SQL injection risks to the Kura application itself. A minor inconsistency is that `src/config/env.ts` validates for `KURA_DATABASE_URL` while `src/services/kura-client.ts` uses `KURA_URL` to connect to Kura's API, which might lead to unnecessary environment variable requirements, but does not pose a direct security vulnerability.
Similar Servers
zen-mcp-server
A server for coordinating and managing AI agents, likely for simulations or complex task execution, leveraging Claude LLMs.
consult-llm-mcp
An MCP server that allows AI agents like Claude Code to consult stronger, more capable AI models (e.g., GPT-5.2, Gemini 3.0 Pro) for complex code analysis, debugging, and architectural advice.
remote-mcp
Remote MCP allows users to create and manage cloud-based Model Context Protocol (MCP) servers, facilitating secure connections between AI clients (like Claude Desktop) and various external applications (GitHub, Slack, Notion, etc.).
toon-context-mcp
A server designed for managing game or application context, likely in a 'toon' (game/animated) environment, with integration capabilities for AI models like Claude.