mcp-auth
Verified Safeby epicweb-dev
Overview
Serves as an AI agent interface for the EpicMe journaling application, enabling AI to interact with journal entries and tags via the Model Context Protocol.
Installation
npx --prefix ./epicshop epicshop startEnvironment Variables
- EPIC_ME_AUTH_SERVER_URL
- OAUTH_KV
- EPIC_ME_DB
- EPIC_ME_MCP_OBJECT
Security Notes
The server employs Zod for robust input validation and delegates authentication to a local OAuth introspection endpoint, which are sound security practices. CORS headers are appropriately configured for public discovery endpoints, preventing broader access issues. No 'eval' or code obfuscation techniques were identified. While the `EPIC_ME_AUTH_SERVER_URL` is hardcoded to a localhost address for development, this is a configuration detail rather than a direct security vulnerability, though it would require environment variable configuration for a production deployment. The use of Cloudflare Durable Objects provides inherent isolation and security benefits.
Similar Servers
mcp-server-cloudflare
Centralized platform for Cloudflare's Model Context Protocol (MCP) servers, enabling AI clients to interact with diverse Cloudflare services using natural language for configuration, data analysis, and task automation.
mcp-server
Provides secure OAuth-based authentication and a set of tools for querying and retrieving data from ThoughtSpot instances, acting as a Model Context Protocol (MCP) server for integration with various Large Language Models (LLMs).
portaljs-mcp-server
A remote Model Context Protocol (MCP) server deployed on Cloudflare Workers, providing AI agent tools to interact with PortalJS datasets for search, retrieval, and data preview.
agent-never-give-up-mcp
Provides metacognitive protocols to AI coding agents to help them recover from being stuck in common development scenarios without human intervention.