amlink-submissions-mcp
Verified Safeby eduardomb-aw
Overview
A Model Context Protocol (MCP) server and client implementation for AmLink submissions API integration, built with ASP.NET Core and secured with Identity Server 4.
Installation
docker-compose up -dEnvironment Variables
- IDENTITY_SERVER_CLIENT_SECRET
- OPENAI_API_KEY
Security Notes
The project uses Identity Server 4 for authentication and integrates robust CI/CD pipelines including Trivy for security scanning, which are good practices. However, the `docker-compose.yml` file hardcodes a password for Kestrel's default HTTPS certificate (`ASPNETCORE_Kestrel__Certificates__Default__Password=YourSecurePassword123!`), even if intended for development, which is a significant security oversight. Additionally, `docker-compose.override.yml` provides default client secrets and OpenAI API keys, which, while meant for development convenience, can lead to accidental exposure or bad habits. Production configurations correctly enforce environment variables for these sensitive values, mitigating the risk for deployed environments.
Similar Servers
bank-api
A design reference project for building a compliant and modern bank API, exposed via Model Context Protocol.
mcp-dotnet-samples
This MCP server retrieves GitHub Copilot customizations, including instructions, agents, prompts, and collections, from the `awesome-copilot` repository to provide contextual guidance to AI models.
example-remote-server
A reference server demonstrating all Model Context Protocol (MCP) features and OAuth 2.0 authentication patterns.
PolarionMcpServers
Integrate Polarion Application Lifecycle Management (ALM) data with Model Context Protocol (MCP) clients and AI assistants.