glm-image-mcp-server
Verified Safeby ex-takashima
Overview
MCP server and CLI tool for generating images using Z.AI's glm-image model.
Installation
node dist/index.jsEnvironment Variables
- Z_AI_API_KEY
- OUTPUT_DIRECTORY
Security Notes
The code explicitly implements path traversal protection using `isPathWithinDirectory` and `getSafeOutputPath` when downloading and saving images, which is a strong security measure. API keys are loaded from environment variables (`process.env.Z_AI_API_KEY`) and checked for existence, preventing hardcoded secrets. No use of `eval` or obvious obfuscation was found. The main network risks are standard API calls and image downloads, handled by the `axios` library with reasonable timeouts. Overall, the server appears to be developed with good security practices.
Similar Servers
z-image-studio
Z-Image Studio is a local toolkit for high-quality text-to-image generation using the Z-Image-Turbo model, providing CLI, Web UI, and MCP server interfaces with hardware optimizations.
nanobanana-api-mcp
An MCP server providing image generation and editing capabilities via the Google Gemini API, integrable with various AI coding assistants and IDEs.
imgenx
AI image and video generation and processing, functioning as a command-line tool or MCP server.
Create-MCP
Generates Model Context Protocol (MCP) server projects through a command-line interface.