quickbook-mcp
Verified Safeby heyibad
Overview
Provides a Model Context Protocol (MCP) server for integrating with QuickBooks Online, offering tools to manage various financial entities.
Installation
npm install && npm run build && node dist/src/index.jsEnvironment Variables
- QUICKBOOKS_CLIENT_ID
- QUICKBOOKS_CLIENT_SECRET
- QUICKBOOKS_ENVIRONMENT
- QUICKBOOKS_REFRESH_TOKEN
- QUICKBOOKS_REALM_ID
- PORT
- ALLOWED_ORIGINS
Security Notes
The server uses `dotenv` for environment variables, preventing hardcoded secrets. Outbound QuickBooks API calls use `URLSearchParams` for query parameters and `JSON.stringify` for bodies, reducing direct injection risks. SQL query construction for search operations includes manual escaping (`.replace(/'/g, "\\'")`) which is a critical point but appears to be handled. The OAuth flow involves a temporary local server for callback, scoped to `localhost:8000`. Input schemas use Zod for validation, but many employ `.passthrough()`, meaning extra fields in input might be passed to QuickBooks API, which relies on the upstream API's validation. No explicit `eval` or direct command injection vectors were found.
Similar Servers
QBO-MCP-TS
Integrate with QuickBooks Online to provide modular accounting automation, financial reporting, and real-time updates via an MCP server.
MindbodyMCP
Provides AI assistants with comprehensive access to the Mindbody API for managing fitness and wellness studio operations, including classes, clients, staff, sales, appointments, and enrollments.
stock_intelligence_mcp
This MCP server enables AI agents to access and analyze Yahoo Finance stock data, providing real-time information, technical analysis, and recommendations.
expenselm-mcp-server
This server likely functions as a backend API for an expense management system, potentially integrating with or serving an expense-specific language model.