strava_mcp
Verified Safeby erwanndebelloy
Overview
Acts as a simple HTTP proxy to intercept, modify, and forward requests, likely for processing Strava webhooks or similar events.
Installation
node mcp.jsEnvironment Variables
- MCP_PORT
- TARGET_PORT
- TARGET_HOST
- TARGET_PATH
Security Notes
The server functions as a basic HTTP proxy. While the code itself does not contain explicit vulnerabilities like 'eval' or hardcoded secrets, its nature as a proxy introduces a potential for Server-Side Request Forgery (SSRF) if 'TARGET_HOST' (configured via environment variables) can be manipulated to point to internal network resources and the proxy is exposed publicly. Proper network segmentation and careful configuration of environment variables are critical for secure deployment.
Similar Servers
MCP-oura
An MCP server that provides language models access to Oura API for querying sleep, readiness, and resilience health data.
intervals-mcp-server
Connects AI models (Claude, ChatGPT) with the Intervals.icu API to retrieve and manage athlete fitness data, including activities, events, and wellness metrics.
hevy-mcp
An MCP server enabling AI assistants to access and manage workout data, routines, exercise templates, and webhooks through the Hevy fitness tracking API.
pierre_mcp_server
A multi-tenant web dashboard and API server for managing and monitoring fitness data (activities, sleep, recovery, nutrition) and AI-powered fitness intelligence.