doit-mcp-server
by doitintl
Overview
The DoiT MCP Server provides an MCP interface for Large Language Models (LLMs) to interact with the DoiT API, enabling capabilities such as cloud cost analysis, anomaly detection, reporting, invoice retrieval, and support ticket management.
Installation
npx @doitintl/doit-mcp-server@latestEnvironment Variables
- DOIT_API_KEY
- CUSTOMER_CONTEXT
Security Notes
The Cloudflare Worker (`doit-mcp-server/src/app.ts`) decodes and locally interprets claims (specifically `DoitEmployee`) from a client-provided JWT (`apiKey`) without validating the JWT's signature. While the `apiKey` itself is sent to the DoiT API for backend validation via `handleValidateUserRequest`, the `DoitEmployee` status is not returned by the DoiT API's `/auth/v1/validate` endpoint. This means an attacker could potentially forge a JWT to set `DoitEmployee: true` and trigger privileged workflows (e.g., the customer context screen intended for DoiT employees), even if they only possess a valid API key for a regular user. The existing check against `payload.sub` is insufficient to mitigate this privilege escalation risk.
Similar Servers
mcp
Enables AI assistants to interact with AWS DocumentDB databases by providing tools for connection management, database/collection operations, document CRUD, aggregation, schema analysis, and query planning.
bifrost
A high-performance AI gateway with a unified interface for multiple providers, offering real-time monitoring, configuration management, and comprehensive observability for AI infrastructure.
lunar
A Model Context Protocol (MCP) server that acts as a control plane for AI agents and tools, providing management, access control, and observability for AI API calls.
heroku-mcp-server
Facilitates seamless interaction between Large Language Models (LLMs) and the Heroku Platform, enabling LLMs to read, manage, and operate Heroku resources.