zotero-mcp
Verified Safeby cookjohn
Overview
Integrates Zotero, a leading reference management tool, with AI assistants through the Model Context Protocol (MCP) to enable intelligent search, retrieval, and analysis of academic literature and annotations.
Installation
No command providedSecurity Notes
The server runs as a Zotero plugin, leveraging Zotero's internal APIs and environment, which provides some sandboxing. By default, it listens only on the local loopback interface (127.0.0.1:23120), limiting external network attack surface. No explicit 'eval', 'exec', or hardcoded secrets were found in the provided code. Input from AI clients is parsed as JSON-RPC requests and arguments are dispatched to specific handlers. While this structure generally enhances security, it relies on the robustness of Zotero's underlying APIs to prevent injection or unexpected behavior from crafted input. File system access for PDF and attachment processing relies on Zotero's `attachment.getFilePath()` and `IOUtils.read()` which are expected to operate within defined Zotero data paths, mitigating arbitrary file access risks.
Similar Servers
chunkhound
Transforms codebases into searchable knowledge bases for AI assistants using semantic search and regex search, with deep research capabilities for code and files.
mcp-server
Provides a Model Context Protocol (MCP) server for AI agents to search and retrieve curated documentation for the Strands Agents framework, facilitating AI coding assistance.
ncp
A unified Model Context Protocol (MCP) orchestrator that enables semantic tool discovery, management, scheduling, and execution across a diverse ecosystem of connected AI tools and services.
zoekt-mcp
Provides code search and content fetching capabilities using Zoekt, designed for integration with AI assistants and LLMs.