resend-streamable-mcp-server
Verified Safeby iceener
Overview
Facilitates AI agent management of email contacts, segments, newsletters, and campaigns via Resend.
Installation
bun devEnvironment Variables
- RESEND_API_KEY
- RESEND_DEFAULT_FROM
- BEARER_TOKEN
Security Notes
The server implements bearer token authentication and input validation via Zod schemas, which are good practices. However, a critical security vulnerability exists in its default configuration: the `isAllowedOrigin` function (used for origin validation) is a placeholder that always returns `true` in production. This means, by default, the server accepts requests from *any* origin when deployed to a public endpoint, making it highly susceptible to Cross-Site Request Forgery (CSRF) attacks if a client is tricked into sending requests with a valid bearer token. Additionally, the README explicitly warns that giving an AI agent access to email sending capabilities carries significant risks, including misinterpretation of instructions and unintended email broadcasts. Users must implement client-side review and confirmation mechanisms.
Similar Servers
whatsapp-mcp-ts
Connects a personal WhatsApp account to an AI agent, enabling the agent to search messages and contacts, list chats, retrieve message history, and send messages via WhatsApp.
PyData_Boston_2025_MCP_Server_Tutorial
Builds an MCP server to integrate AI agents with Gmail for reading unread emails, generating AI-powered replies, and sending emails.
mcp_email
Adds email functionality (POP3 and SMTP) to an AI agent for sending and receiving emails.
mcp-kit
Connects AI assistants to Kit.com for managing email marketing tasks like subscribers, tags, sequences, and broadcasts via natural language.