MCP-Server
by ivasoom
Overview
Facilitate interaction with the Shopify Admin API for product and order management, primarily for AI assistants using Model Context Protocol (MCP) or custom GPT actions.
Installation
npm run start:sseEnvironment Variables
- SHOPIFY_ACCESS_TOKEN
- SHOPIFY_STORE_DOMAIN
- MCP_SSE_PORT
- MCP_SSE_PATH
- MCP_SSE_MESSAGES_PATH
Security Notes
The server, when run as a direct API (`shopify-api-server.js`), explicitly lacks any authentication or authorization layer, making it critically vulnerable to unauthorized access and manipulation of Shopify data if exposed publicly. The `README.md` and `CHATGPT_SETUP.md` clearly state this risk, recommending the addition of authentication, rate limits, and HTTPS for production use. While environment variables are used for sensitive credentials (Shopify Access Token), the absence of request-level authentication for the API endpoints is a major security flaw for general deployment. GraphQL queries are structured, which helps prevent direct injection of malicious query structures, but the lack of authentication overrides this mitigation.
Similar Servers
mcp-server
A Node.js server implementing Model Context Protocol (MCP) for Webflow, enabling AI agents to interact with Webflow Data and Designer APIs.
typingmind-mcp
A server for managing and integrating Model Context Protocol (MCP) servers with TypingMind, enabling custom AI model connections.
mcp-reference-server
Standardize and manage fulfillment operations for AI agents by providing a universal interface to various fulfillment systems.
ebay-mcp
Enables AI assistants to manage eBay selling operations, including inventory, orders, marketing, and analytics, through a Model Context Protocol (MCP) server.