TaskMCP
Verified Safeby aosyang
Overview
A multi-workspace task management system featuring hierarchical tasks, drag-and-drop sorting, real-time synchronization, and AI agent integration via an MCP server for natural language operations.
Installation
python app.pyEnvironment Variables
- TELEGRAM_BOT_TOKEN
- TELEGRAM_ALLOWED_USER_IDS
Security Notes
The Flask web server uses a hardcoded `SECRET_KEY` ('task-secret-key'), which is a critical security vulnerability, especially if the application were to be deployed in a production environment or exposed to the internet, as it compromises session security. The `server_config.toml` allows binding to `0.0.0.0`, which could expose the application over the network without explicit authentication or authorization for web and API endpoints, posing a risk to task data. Frontend uses DOMPurify for Markdown sanitization, which is good for preventing XSS. Workspace names are validated. The Telegram bot enforces an optional user ID whitelist, which is a good practice.
Similar Servers
claude-todo-emulator
Provides persistent task management for AI coding assistants within IDEs like Cursor and Windsurf by emulating Claude Code's todo system.
Teamwork-MCP
The MCP server simplifies interaction with the Teamwork.com API, enabling AI agents to manage projects, tasks, people, and companies within Teamwork.
Omnispindle
Omnispindle acts as a coordination layer providing standardized Model Context Protocol (MCP) tools for AI agents to manage todos, capture lessons, and facilitate cross-project coordination within the Madness Interactive ecosystem.
AI-Prompt-Guide-MCP
Orchestrates AI agents for project management and development workflows by linking structured markdown specifications and tasks.