taskmaster-mcp-server
by jasonberkes
Overview
An MCP server for the TaskMaster platform, providing AI agents with tools for conversation management, filesystem operations, GitHub integration, command execution, and SQL Server management.
Installation
npm startEnvironment Variables
- DB_SERVER
- DB_NAME
- DB_USER
- DB_PASSWORD
- USER_ID
- GITHUB_TOKEN
Security Notes
The `run_command` tool is a critical security risk as it allows arbitrary terminal command execution with `shell: true` and no input sanitization or sandboxing, potentially leading to full system compromise. The `sql_execute_query` tool's read-only mode is easily bypassed (it relies on `startsWith` checks, which are insufficient), enabling destructive SQL operations by a malicious or confused agent. Filesystem access `ALLOWED_PATHS` are hardcoded to specific local user directories, which poses a risk if not updated for deployment and could expose unintended data. While some destructive operations (file deletion, table drop) require explicit confirmation, an AI agent could still provide this confirmation.
Similar Servers
Teamwork-MCP
The MCP server simplifies interaction with the Teamwork.com API, enabling AI agents to manage projects, tasks, people, and companies within Teamwork.
DatabaseMcpServer
Provides a robust and secure database access layer for AI assistants, supporting 19 types of databases with single-instance multi-database dynamic switching and over 50 tools for data and schema management.
mcp
The MCP Server provides an AI-powered framework for command execution, plugin-based tools, secure Python evaluation, and knowledge management, designed for standalone or embedded use.
photons
A comprehensive demonstration MCP server showcasing various functionalities of the Photon runtime, including basic data handling, streaming responses, progress reporting, in-memory state management, and interactive UI elements. It serves as a reference for developers building new photons.