mcp-test
Verified Safe
by Vanblerkh
Overview
Provides a RESTful API for basic user management and fetching context data, likely for an application's backend.
Installation
npm install && npm run deploybuild && node dist/index.js
Environment Variables
- PORT
- DB_SECRETS_PATH
- DB_HOST
- DB_USER
- DB_PASSWORD
- DB_NAME
- DB_CONNECTION_LIMIT
Security Notes
The server correctly uses parameterized queries via the `mysql2` library, which is crucial for preventing SQL injection vulnerabilities. However, the handling of `password_hash` in `addUser` and `modifyUser` is ambiguous; the server directly stores the received hash without explicitly demonstrating strong server-side hashing (e.g., bcrypt, scrypt) and salting. If plain text passwords or weakly hashed passwords are sent from the client, they would be stored as such, posing a significant risk. Additionally, the server uses open CORS (accepts requests from any origin), which can be a security risk in production environments if not restricted to specific trusted origins.
Similar Servers
tiger-linear-mcp-server
This server acts as a wrapper for the Linear API, providing focused tools for LLMs to manage and query issue tracking and project data.
tiger-gh-mcp-server
Provides a set of focused tools to Large Language Models (LLMs) for interacting with the GitHub API, enabling capabilities like fetching issues, pull requests, commits, releases, and searching code within a specified organization.
mcp-server
This server integrates Kontent.ai content management with AI tools, allowing natural language operations to create, manage, and explore structured content.
mcp-server-koyeb
A TypeScript/Node.js backend server application, likely intended for deployment on a serverless platform like Koyeb.