defuddle-fetch-mcp-server
by domdomegg
Overview
This server allows LLMs to fetch web content, automatically cleaning HTML into markdown, extracting key metadata like title and author, and supporting chunked reading.
Installation
npx -y defuddle-fetch-mcp-serverSecurity Notes
CRITICAL RISK: The server fetches arbitrary URLs provided by the LLM (`fetch(args.url)`) without sufficient validation or network egress filtering. This makes it vulnerable to Server-Side Request Forgery (SSRF) attacks. An LLM could be prompted to access internal network resources (e.g., `http://192.168.1.100`), local files (e.g., `file:///etc/passwd`), or use the server as a proxy for malicious external requests. While `z.string().url()` validates the URL *format*, it does not prevent access to sensitive schemas or private IP ranges. Additionally, the `raw` parameter allows returning raw HTML, which could potentially expose the LLM or its downstream consumers to XSS if not properly sanitized on the client side, though the primary server-side risk is SSRF.
Similar Servers
DevDocs
DevDocs is a web crawling and content extraction platform designed to accelerate software development by converting documentation into LLM-ready formats for intelligent data querying and fine-tuning.
kindly-web-search-mcp-server
Provides web search with robust, LLM-optimized content retrieval from various sources (StackExchange, GitHub, Wikipedia, arXiv, and general webpages) for AI coding assistants.
crawlbase-mcp
A Model Context Protocol (MCP) server that enables AI agents and LLMs to fetch fresh, structured, real-time web content (HTML, Markdown, screenshots) via Crawlbase's scraping infrastructure.
mcp-web-scraper
Connects LLMs and applications to Decodo's web scraping platform for easy web data access and parsing.