doffin-documents-mcp
Verified Safeby Webstep
Overview
The server provides a set of tools for generating bid documents, checking content compliance against requirements, validating brand consistency, and applying document templates.
Installation
gradle bootRunEnvironment Variables
- DOCUMENTS_MOCK_ENABLED
- DOCUMENTS_OUTPUT_DIR
- CORS_ALLOWED_ORIGINS
Security Notes
The server, by default, operates in 'mock mode' (documents.mock.enabled:true), meaning it does not physically generate PDF/Word files or interact with the file system for output. Document generation methods primarily calculate metadata and store results in an in-memory map. No 'eval' or other dynamic code execution is present. Input parameters are explicitly typed and validated (e.g., asText(), asInt()). CORS is configured to specific origins. The primary risk would arise if 'mockEnabled' were set to 'false' and the underlying (unseen) document generation library had vulnerabilities, or if the 'outputDir' could be manipulated by a sophisticated attack (mitigated by 'sanitizeFileName'). As presented, it's quite safe.
Similar Servers
mcp-maintainer-toolkit
This server provides a Model Context Protocol (MCP) interface with various tools and resources designed to assist in maintaining, testing, and developing MCP repositories and clients.
mcp-docs-server
Serves Markdown documentation, reusable prompt templates, and various file types as an MCP server for AI agents.
artifact-mcp
AI agent server for high-fidelity document generation and manipulation (Word, Excel, PowerPoint, PDF, Markdown, EPUB, MS Project, Email) via a declarative workspace pattern.
mcp-server-guide
An MCP server that centralizes AI agent instructions, documentation, and guidelines to support an iterative and phased software development cycle, ensuring structured, collaborative, and high-quality outcomes.