awesome-ionic-mcp
by Tommertom
Overview
The server provides an AI assistant with access to Ionic Framework components, Capacitor plugins, developer resources, and CLI command execution to accelerate mobile app development.
Installation
npx -y awesome-ionic-mcp@latestEnvironment Variables
- GITHUB_TOKEN
- MCP_QUIET
Security Notes
The server uses `execa` to run Ionic and Capacitor CLI commands. While it attempts to validate commands and arguments with a `dangerousChars` regex to prevent shell injection, there's a critical vulnerability in the `validateCommand` function. It implicitly allows `npx` to execute *any* package name that starts with 'cap' (e.g., `npx cap-malicious-package`), even if it's not `@capacitor/cli`, if not explicitly whitelisted. This could lead to arbitrary code execution if an attacker can control the package name passed to a CLI tool that uses `npx`. Additionally, Puppeteer is launched with `--no-sandbox` and `--disable-setuid-sandbox` flags, which disables Chromium's security sandbox, posing a risk if a browser vulnerability is exploited.
Similar Servers
docs-mcp-server
The Documentation MCP Server indexes documentation from web sources, local files, and package registries, making it searchable via the Model Context Protocol (MCP).
gcloud-mcp
Enables AI assistants to interact with Google Cloud using natural language and automate cloud operations via the gcloud CLI.
responsible-vibe-mcp
Guides AI coding agents through structured engineering workflows and manages long-term project memory and documentation for various development tasks.
octomind
Octomind is a session-first AI development assistant with built-in Model Context Protocol (MCP) tools and multi-provider AI support, enabling interactive AI conversations, code analysis, file system management, and web research.