spm-mcp

Name: spm-mcp
Author: corbyjamesibm

Verified Safe

by corbyjamesibm

View Source

Overview

Manage Targetprocess projects, track work, and update tasks through natural language conversations with an AI assistant.

Installation

Run Command

TP_DOMAIN=your-domain.tpondemand.com TP_USERNAME=your-username TP_PASSWORD=your-password TP_USER_ROLE=developer TP_USER_ID=your-user-id TP_USER_EMAIL=your-email MCP_STRICT_MODE=true npx -y @cprime/spm-mcp

Environment Variables

TP_DOMAIN
TP_API_KEY
TP_USERNAME
TP_PASSWORD
TP_USER_ROLE
TP_USER_ID
TP_USER_EMAIL
MCP_STRICT_MODE

Security Notes

The server handles Targetprocess credentials via environment variables or config files, which is a standard secure practice. Input validation for tool parameters is implemented using Zod. The `QueryBuilder` includes custom parsing and escaping for SQL injection prevention in the Targetprocess query language. The `AnalyzeAttachmentOperation` explicitly implements strong security measures including file size limits (50MB), MIME type whitelisting, and suspicious filename pattern detection before downloading and base64-encoding content. While base64 encoding large files (up to 50MB) means potentially massive token consumption by the LLM, the `AnalyzeAttachmentOperation` does so under strict security controls, making the process itself safe from the server's perspective.

Similar Servers

conductor-tasks

Conductor Tasks acts as an intelligent AI-powered assistant for developers, streamlining the entire development lifecycle from task generation and planning (parsing PRDs, expanding tasks, generating implementation steps) to execution and code modification (generating diffs). It provides visual task management, integrates with various IDEs, and leverages multiple LLM providers for optimal results and cost efficiency.

Other

$High