Frappe_Assistant_Core
by buildswithpaul
Overview
AI-powered business data analysis and document management by connecting Claude Desktop (or other LLMs) to Frappe ERP systems.
Installation
No command providedSecurity Notes
The server extensively uses Python's `exec()` for running AI-generated code. This is mitigated by a multi-layered sandboxing approach: `ReadOnlyDatabase` wraps all `frappe.db` calls to prevent write/delete/update SQL operations; `_scan_for_dangerous_operations` performs static code analysis to block a wide array of dangerous keywords (e.g., `DELETE`, `DROP`, `INSERT`, `exec`, `eval`, `__import__`, `open`, network calls like `requests`, `urllib`); the execution environment (`_setup_secure_execution_environment`) carefully whitelists built-in functions and pre-loads only safe modules, while explicitly removing dangerous ones (`os`, `sys`, `subprocess`, `socket`, `threading`, `multiprocessing`, `asyncio`, `ctypes`, `imp`, `importlib`); user permissions are strictly enforced (`frappe.has_permission`). Unicode sanitization is also performed. Despite these rigorous protections, relying on `exec` with external input inherently carries a risk of potential bypass if a subtle vulnerability exists in the sandboxing or static analysis.
Similar Servers
Frappe_Assistant_Core
AI-powered business data analysis and document management by connecting Claude Desktop (or other LLMs) to Frappe ERP systems.
cozyreq
An AI agent to interact with and explore API endpoints by consuming OpenAPI specifications and user prompts.
ga-ai-mcp-server
This server allows AI agents to query Google Analytics 4 data (reports, traffic sources, demographics, etc.) via the Model Context Protocol (MCP).
Kotak_Neo_MCP_Server_With_Agentic_Application.
A server designed to host and manage AI agentic applications, likely for automating tasks or processing information. The specific functionality is unknown due to missing code.