property-prices-mcp
Verified Safeby joemclo
Overview
A Model Context Protocol (MCP) server for searching UK property prices from HM Land Registry and performing local postcode lookups.
Installation
property-prices-mcpEnvironment Variables
- LOG_LEVEL
- POSTCODE_DB_PATH
- CODEPO_ZIP_URL
- CODEPO_DIR
- CODEPO_TMP_DIR
- RUN_E2E_TESTS
Security Notes
The server employs good security practices for external data interactions. SPARQL queries for the HM Land Registry endpoint use string escaping (`.replace(/"/g, '\"')`) to prevent injection within string literals. Queries to the local SQLite database for postcode lookups use parameterized statements, which effectively guards against SQL injection. The local postcode database is opened in read-only mode, reducing the risk of data manipulation. Dependency versions are relatively up-to-date, and the `@modelcontextprotocol/sdk` was recently updated to address a DNS rebinding vulnerability. No direct `eval` or user-controlled command execution with unsanitized input was observed. Potential risks are primarily related to the external HM Land Registry API's availability or rate limits, which are outside the server's control.
Similar Servers
agentql-mcp
Integrates AgentQL's data extraction capabilities to extract structured data from web pages using natural language prompts.
scrapi-mcp
This MCP server enables AI agents to scrape web pages and retrieve their content as HTML or Markdown, with advanced browser interaction capabilities.
data-commons-mcp
A server that facilitates natural language search for open-access scientific datasets and tools using a Large Language Model (LLM) and the Model Context Protocol (MCP).
mcp-mercado-livre
Provides an MCP server tool to scrape product information, such as prices and availability, directly from Mercado Livre, with strong data validation.