wawapp-mcp-debug-server
Verified Safeby deya2021
Overview
A read-only debugging server for the WawApp Firebase/Flutter ecosystem, providing diagnostic tools via the Model Context Protocol (MCP).
Installation
npm startEnvironment Variables
- ENVIRONMENT
Security Notes
The server explicitly enforces a 'strictly read-only' guarantee across all tools. It implements robust security features including token bucket rate limiting (per-tool and global), PII masking for sensitive data (phone numbers, names, GPS coordinates), and comprehensive audit logging for all tool executions with sanitized parameters. Input validation uses Zod schemas, and errors are normalized to prevent exposing internal details. It runs as a StdioServer, meaning it communicates via standard input/output rather than exposing network ports, reducing direct attack surface. The documentation explicitly recommends using read-only Firebase roles ('datastore.viewer', 'logging.viewer'). No 'eval' or similar dangerous patterns were found.
Similar Servers
mcp_flutter
Connects Flutter applications with AI coding assistants to enable real-time debugging, UI inspection, and dynamic tool interaction for development workflows.
marionette_mcp
Enables AI agents to inspect and interact with running Flutter applications for automated testing and runtime interaction.
inspector
An interactive developer tool for testing, debugging, and monitoring MCP (Model Context Protocol) servers, including their tools, prompts, resources, and UI widgets.
mcp-local-wp
Provides AI assistants read-only (and optional write) access to a Local by Flywheel WordPress database for development and debugging, with automatic site detection.