bear-mcp-server
by binnapro
Overview
This server allows Claude Code to programmatically interact with and manage notes in the Bear note-taking application on macOS.
Installation
node dist/index.js
Environment Variables
- BEAR_TOKEN
Security Notes
The server has a critical Local File Read (LFR) vulnerability. The `create_note_with_image` and `add_image` tools accept an `image_path` parameter that is passed straight to `fs.readFileSync` with no validation or sanitization: there is no allow-listed directory, no file-type check, and no handling of symlinks or `..` segments. A malicious actor, or an LLM steered by prompt injection, can therefore supply the path of a sensitive local file (e.g. `/etc/passwd` or `~/.ssh/id_rsa`), and its contents are base64-encoded and embedded into a Bear note, from where they can be synced or shared. Separately, the `BEAR_TOKEN` environment variable is required at startup but appears to be unused in the `BearAPI` logic, which is confusing and potentially misleading about what the token protects. The x-callback-url parameters are URL-encoded, so the LFR remains the primary concern.
Similar Servers
claude-code-mcp
Acts as an MCP server to enable LLMs to run Claude Code CLI in one-shot mode, bypassing permissions for complex coding, file system, Git, and terminal operations.
bear-notes-mcp
This server connects Claude Desktop to Bear notes, enabling natural language querying and management of notes through a hybrid sync-safe approach.
mcp-client-server
A specialized Model Context Protocol (MCP) server designed to act as a testing harness for developing and iterating on other MCP servers within a Claude AI environment.
advanced-memory-mcp
An MCP server that integrates personal knowledge management through zettelkasten, knowledge graphs, and experimental Claude Skills with AI clients like Claude Desktop and Cursor IDE.