renfe_mcp_server
Verified Safeby belgrano9
Overview
Query Renfe (Spanish railway) train schedules and prices using official GTFS data and real-time web scraping via a Model Context Protocol (MCP) server.
Installation
uv run python -m renfe_mcp.serverEnvironment Variables
- RENFE_ENABLE_AUTH
- RENFE_API_KEY
- RENFE_API_KEY_HASH
- RENFE_RATE_LIMIT_ENABLED
- RENFE_MAX_REQUESTS_PER_MINUTE
- RENFE_MAX_REQUESTS_PER_HOUR
- RENFE_MAX_PRICE_REQUESTS_PER_MINUTE
- RENFE_MAX_PRICE_REQUESTS_PER_HOUR
- RENFE_LOG_SECURITY_EVENTS
- RENFE_LOG_SENSITIVE_DATA
- RENFE_LOG_LEVEL
- RENFE_SESSION_TIMEOUT
- RENFE_DEV_MODE
- RENFE_GTFS_DATA_DIR
Security Notes
The project demonstrates strong security awareness for network requests and file handling. It actively prevents SSRF attacks through URL whitelisting, HTTPS enforcement, response size limits, and restricted redirects. Zip Slip vulnerabilities during data updates are mitigated with safe extraction. Authentication and rate limiting are configurable via environment variables, and a security logger is in place to audit events with sensitive data redaction. The reliance on reverse-engineered DWR protocol for price scraping, while implemented carefully, introduces a minor inherent risk of breaking due to external changes.
Similar Servers
mcp-server
Provides real-time Indian options market data and volatility analytics from GetOutpost.in to AI chat platforms like Claude for quantitative analysis and trading insights.
MCP-SERVER
Provides an MCP server for automated data analysis workflows including loading datasets, cleaning data, sentiment analysis, clustering, topic extraction, and generating comprehensive reports with visualizations for an AI client.
drilling_mcp_server
Analyzes oil and gas drilling data from CSV files, providing tools for Rate of Penetration (ROP), Mechanical Specific Energy (MSE), Non-Productive Time (NPT) calculations, and data visualization via an MCP server.
MCP-SERVER
The provided content is a biographical list of various individuals named Saba Riaz, detailing their professions and affiliations.