Dida365MCP
Verified Safeby evalor
Overview
This server integrates Dida365 (TickTick) task management capabilities, allowing an AI agent to create, read, update, and delete tasks and projects via the Model Context Protocol (MCP).
Installation
npx -y dida365-mcp-server@latestEnvironment Variables
- DIDA365_CLIENT_ID
- DIDA365_CLIENT_SECRET
- DIDA365_REGION
Security Notes
The server demonstrates strong security practices: OAuth2 credentials (Client ID, Client Secret) are loaded from environment variables, not hardcoded. The Client Secret is securely hashed before storage for token validation. OAuth flow uses CSRF protection via a 'state' parameter. Tokens are stored persistently in the user's home directory with secure file permissions (0o600) and validated against the current client credentials and region. A temporary HTTP callback server handles OAuth redirects, includes path traversal prevention, and uses HTML escaping for error messages. A 'read-only' mode is also available to prevent destructive AI actions. No 'eval' or other directly exploitable patterns were found.
Similar Servers
mcp-server
Provides real-time Indian options market data and volatility analytics from GetOutpost.in to AI chat platforms like Claude for quantitative analysis and trading insights.
MCP-SERVER
Provides an MCP server for automated data analysis workflows including loading datasets, cleaning data, sentiment analysis, clustering, topic extraction, and generating comprehensive reports with visualizations for an AI client.
drilling_mcp_server
Analyzes oil and gas drilling data from CSV files, providing tools for Rate of Penetration (ROP), Mechanical Specific Energy (MSE), Non-Productive Time (NPT) calculations, and data visualization via an MCP server.
nancy-brain
Builds a searchable knowledge base from GitHub repositories and research papers to provide AI agents with context-aware information.