PersonaMate
Verified Safeby enrodrigu
Overview
Manages personal contact data and relationships using an AI-powered knowledge graph assistant that integrates with an MCP server.
Installation
docker compose up -d neo4j mcpEnvironment Variables
- OPENAI_API_KEY
- NEO4J_URI
- NEO4J_USER
- NEO4J_PASSWORD
- NEO4J_DB
- LANGCHAIN_API_KEY
- LANGCHAIN_TRACING_V2
Security Notes
The `utils/neo4j_graph.py` module directly interpolates user-provided string arguments like `type` (node labels) and `edgetype` (relationship types) into Cypher queries. While `name` properties are parameterized, if an attacker can control `type1`, `type2`, or `linktype` parameters through the MCP server, they could potentially inject arbitrary Cypher, leading to database compromise. Additionally, `docker-compose.yml` defines default Neo4j credentials (`neo4j/neo4j-pass`) directly, which, if not overridden by the `.env` file, can result in weak default security. Users are prompted to set `OPENAI_API_KEY` but not explicitly for Neo4j credentials within the deployment script.
Similar Servers
5ire
A desktop AI assistant client that integrates with various LLM providers and supports extensible tool and prompt functionalities via the Model Context Protocol (MCP).
mcp-neo4j
Provides a Model Context Protocol (MCP) server for interacting with Neo4j graph databases, enabling Cypher query execution, schema introspection, and generating insights for AI models.
obsidian-mcp-plugin
Connects Obsidian vault to AI assistants via Model Context Protocol (MCP), enabling AI to understand and navigate notes as a knowledge graph for semantic search and information synthesis.
mcp
Provides a Model Context Protocol (MCP) server for Neo4j, enabling LLMs to interact with the database via defined tools.