statamic-mcp
Verified Safeby cboxdk
Overview
Provides an AI assistant with structured access and control over Statamic CMS content and configurations through a router-based API.
Installation
php artisan mcp:start statamicEnvironment Variables
- APP_ENV
- STATAMIC_LICENSE_KEY
Security Notes
The custom 'Bearer token' authentication method, which is essentially a base64-encoded email and password, is not a true secure token and is functionally equivalent to basic authentication. If the API endpoint is not exclusively served over HTTPS, this could expose credentials in plain text. The BaseStatamicTool explicitly states it uses 'permissive' argument validation for 'Claude compatibility', which means complex, potentially malicious data structures in arguments might not be fully validated at the base level, relying heavily on individual router implementations for deeper input sanitization. While there are strong positive security features like the `PathValidator` for file operations, whitelisted configuration access for system tools, and robust audit logging with sensitive data redaction, these concerns regarding authentication and base-level input validation are significant.
Similar Servers
boost
Accelerates AI-assisted development by providing essential context and structure for generating high-quality, Laravel-specific code via an MCP server.
pluggedin-app
A testing environment for MCP (Model Control Protocol) servers, allowing interaction through a chat interface powered by LLMs and an AI agent using the LangChain ReAct framework.
contentful-mcp-server
Provides AI assistants with comprehensive tools to interact with Contentful APIs for content creation, management, asset organization, workflow automation, and content modeling.
mcp-stata
Connects AI agents to a local Stata installation for executing commands, analyzing data, generating visualizations, and inspecting results.