strava_mcp
Verified Safeby erwanndebelloy
Overview
Acts as a simple HTTP proxy to intercept, modify, and forward requests, likely for processing Strava webhooks or similar events.
Installation
node mcp.jsEnvironment Variables
- MCP_PORT
- TARGET_PORT
- TARGET_HOST
- TARGET_PATH
Security Notes
The server functions as a basic HTTP proxy. While the code itself does not contain explicit vulnerabilities like 'eval' or hardcoded secrets, its nature as a proxy introduces a potential for Server-Side Request Forgery (SSRF) if 'TARGET_HOST' (configured via environment variables) can be manipulated to point to internal network resources and the proxy is exposed publicly. Proper network segmentation and careful configuration of environment variables are critical for secure deployment.
Similar Servers
MCP-oura
Provides language models with access to Oura API health data (sleep, readiness, resilience) via the Model Context Protocol.
intervals-mcp-server
Connects AI models (Claude, ChatGPT) with the Intervals.icu API to retrieve and manage athlete fitness data, including activities, events, and wellness metrics.
hevy-mcp
This server acts as a Model Context Protocol (MCP) interface, enabling AI assistants to interact with the Hevy fitness tracking app's API to manage workout data, routines, exercise templates, folders, and webhook subscriptions.
pierre_mcp_server
Conversational AI fitness coaching and data analysis platform with provider integrations and user management.