mcp
Verified Safeby dootask
Overview
The MCP Server exposes a DooTask workspace as a remote HTTP service to Model Context Protocol (MCP) clients like Claude, allowing AI assistants to interact with user, project, task, message, file, and work report management tools.
Installation
docker run --rm -p 7000:7000 -p 7001:7001 mcp-remote-serverSecurity Notes
The server uses `zod` for robust input validation on all tool parameters, significantly reducing injection risks. Authentication relies on a personal DooTask Token passed via the `Authorization: Bearer <token>` header, which is extracted and validated. The `BASE_URL` is hardcoded to `http://nginx`, indicating it's designed to run within a containerized platform where an internal Nginx proxy handles external exposure and HTTPS, abstracting away direct internet exposure. No hardcoded sensitive credentials were found in the runtime configuration. The HTML/Markdown conversion uses `turndown` and `marked`, which, while potentially introducing client-side XSS if rendered unsafely, are standard libraries and do not appear to pose a direct server-side vulnerability in this context. No `eval` or dangerous `child_process` calls were identified.
Similar Servers
klavis
Creates an AI agent that uses Klavis Strata to interact with Gmail and YouTube through MCP, demonstrating how to summarize a YouTube video and email the summary.
mcpo
Exposes Model Context Protocol (MCP) tools as OpenAPI-compatible HTTP servers for integration with LLM agents and other applications.
mcp-context-forge
A comprehensive Model Context Protocol (MCP) gateway and proxy that unifies REST, MCP, and A2A services, providing features like federation, virtual servers, rate-limiting, security, and an optional admin UI for managing web content and file conversions to markdown.
backlog-mcp-server
Integrate Backlog API with AI agents (e.g., Claude) to manage projects, issues, wikis, and Git repositories through natural language commands.