grist-mcp-server
Verified Safeby gwhthompson
Overview
Manages and interacts with Grist relational spreadsheets, providing a developer-friendly API layer for data manipulation, schema management, and UI layout within the Model Context Protocol (MCP) framework.
Installation
node dist/index.jsEnvironment Variables
- GRIST_API_KEY
- GRIST_BASE_URL
- GRIST_MCP_ENABLE_METRICS
- GRIST_MCP_METRICS_INTERVAL
- GRIST_MCP_STRICT_MODE
- GRIST_MCP_DEBUG_MODE
- GRIST_MCP_LOG_TOOL_CALLS
- GRIST_MCP_LOG_TOOL_PARAMS
- DEBUG_MCP_PARAMS
- NODE_ENV
Security Notes
The server demonstrates strong input validation using Zod schemas, output sanitization (redacting sensitive information like API keys and emails from logs/responses), and relies on environment variables for sensitive data like API keys. However, the `grist_query_sql` tool accepts arbitrary SQL strings from user input. While it passes parameters separately to the Grist API, the function `addPaginationToSql` directly injects pagination values into the SQL string. Furthermore, its documentation warns that for older Grist versions, users might need to manually embed values (and 'use proper escaping!'), which could pose a SQL injection risk if not handled meticulously by the user/agent. No direct `eval` or `child_process` calls were found in the main server logic, enhancing its safety profile under normal operation.
Similar Servers
mcp-google-sheets
Acts as an AI assistant's gateway to Google Sheets for automation and data manipulation.
google-sheets-mcp
Manages Google Sheets data programmatically via a server-side application, leveraging the Google Sheets API for various data manipulation tasks.
polarbase
Extensible open-source data backend for PostgreSQL with a multi-view UI (spreadsheet), AI agent integration via MCP, and real-time capabilities.
MCP-Quantum-Server
Integrates AI, APIs, and automation for intelligent notifications and workflow optimization with GitHub and X.