WhatsApp-AI-Bot
Verified Safeby YOUHAD08
Overview
An intelligent WhatsApp chatbot that leverages a dedicated MCP server for dynamic tool management, enabling employee data queries via Spring AI and OpenAI's GPT-4.
Installation
cd mcp_server && mvn spring-boot:runEnvironment Variables
- OPENAI_API_KEY
- WHATSAPP_ACCESS_TOKEN
- WHATSAPP_VERIFY_TOKEN
Security Notes
The application employs environment variables for sensitive data like API keys and verification tokens, which is a good practice. User input (message text) is escaped before being included in JSON payloads, mitigating potential JSON injection risks when communicating with the Meta WhatsApp API. Webhook verification ensures authenticity of incoming requests. The architecture's separation into a main bot service and a distinct MCP server for tools enhances modularity and potentially reduces the attack surface. No direct 'eval' or easily exploitable code injection vulnerabilities are apparent in the provided source code. Primary security considerations would revolve around prompt injection for the LLM and the secure management of API keys and server exposure during deployment.
Similar Servers
whatsapp-mcp-ts
Connects a personal WhatsApp account to an AI agent, enabling the agent to search messages and contacts, list chats, retrieve message history, and send messages via WhatsApp.
spring-boot-ai
A Spring Boot application implementing a Model Context Protocol (MCP) server that provides a remote 'Booking Tool' for an AI agent.
springai-mcp-gateway
An OAuth 2.1 secured Spring AI MCP gateway enabling ChatGPT Connectors to interact with local development tools via a streamable HTTP endpoint.
MCP-Client-Host-Java
An MCP (Model Context Protocol) client that acts as a server to the MCP host, managing connections to various external MCP servers (tools) and orchestrating tool discovery and execution for AI assistants.