ebay-mcp
Verified Safeby YosefHayim
Overview
Enables AI assistants to manage eBay selling operations, including inventory, orders, marketing, and analytics, through a Model Context Protocol (MCP) server.
Installation
ebay-mcpEnvironment Variables
- EBAY_CLIENT_ID
- EBAY_CLIENT_SECRET
- EBAY_REDIRECT_URI
- EBAY_ENVIRONMENT
- EBAY_USER_REFRESH_TOKEN
- MCP_HOST
- MCP_PORT
- OAUTH_ENABLED
Security Notes
The server acts as a proxy for eBay APIs, relying heavily on environment variables for sensitive credentials (eBay Client ID/Secret, OAuth Refresh Token). These are appropriately excluded from version control via `.gitignore`. The application uses `helmet` for basic Express security and `cors` with `origin: '*'` in development, which is explicitly noted as a potential production issue in comments. OAuth 2.1 is implemented with token introspection/JWT validation and automatic token refreshing. No direct `eval` or obvious malicious patterns were found. Interactive setup scripts handle sensitive data entry and `.env` file updates responsibly. The general security posture is good for an open-source project of this nature, but the inherent risk of handling API credentials and the `cors` setting warrant caution for production deployment.
Similar Servers
boilerplate-mcp-server
Provides a production-ready foundation for developing custom Model Context Protocol (MCP) servers in TypeScript to connect AI assistants with external APIs and data sources, exemplified by an IP geolocation tool.
openapi-mcp-server
Converts OpenAPI specifications into Model Context Protocol (MCP) tools, enabling AI assistants to interact with APIs.
MCP-Council
Automates the conversion of REST APIs into AI-powered MCP (Model Context Protocol) servers, enabling seamless integration of APIs with AI assistants.
mcp-agent-kit
Simplifies the creation and management of AI agents, chatbots, and Model Context Protocol (MCP) servers with various LLM providers.