sharp-mcp
Verified Safeby greatSumini
Overview
This MCP server provides image session management and processing capabilities for AI coding assistants, enabling tasks like metadata extraction, color picking, background removal, cropping, and compression.
Installation
npx -y sharp-mcpSecurity Notes
The server can handle user-provided file paths for reading and writing images (`create_session_by_path`, `compress_image`, `extract_region`, `remove_background`). While `validateAbsolutePath` is used to prevent relative path traversal, the server's underlying process permissions will determine the extent of potential file system access an attacker could exploit if they gain control over the `output_path`. Storing base64 images in memory sessions, and performing CPU/memory intensive operations like background removal, cropping, and compression, poses a potential Denial-of-Service (DoS) risk if not adequately rate-limited or resource-managed at a higher layer. The ML model files (10-50MB) for background removal are downloaded and cached on first use, which introduces a supply chain risk if the source of these models were compromised. No hardcoded secrets or 'eval' were found in the provided code.
Similar Servers
cclsp
MCP server to integrate LLM-based coding agents with Language Server Protocol (LSP) servers for robust symbol resolution and code navigation.
fsi-mcp-server
Provides Model Context Protocol (MCP) capabilities to F# Interactive sessions for AI-assisted development workflows.
nanobanana-api-mcp
An MCP server providing image generation and editing capabilities via the Google Gemini API, integrable with various AI coding assistants and IDEs.
unity-mcp-sharp
Integrate AI assistants with Unity Editor for automation, allowing LLMs to manipulate scenes, assets, and runtime via MCP.