reddit-mcp-server
Verified Safeby jordanburke
Overview
Provides tools for fetching and creating Reddit content through a Model Context Protocol (MCP) server.
Installation
npx reddit-mcp-serverEnvironment Variables
- REDDIT_CLIENT_ID
- REDDIT_CLIENT_SECRET
- REDDIT_USER_AGENT
- REDDIT_USERNAME
- REDDIT_PASSWORD
- TRANSPORT_TYPE
- PORT
- HOST
- OAUTH_ENABLED
- OAUTH_TOKEN
Security Notes
The server correctly loads sensitive credentials (Client ID, Client Secret, Username, Password, OAuth Token) from environment variables, preventing hardcoding. Input validation for tool parameters is implemented using Zod, reducing common injection vulnerabilities. The RedditClient handles OAuth2 token acquisition and refresh, and includes a retry mechanism for 401 errors. Optional OAuth protection for the HTTP endpoint is available, with token generation if none is provided during setup. No 'eval' or obvious malicious patterns were found in the provided code. However, the OAuth token generation during startup if `OAUTH_ENABLED` is true but `OAUTH_TOKEN` is unset, prints the token to console.error, which might be a minor security exposure if not properly managed in a production environment.
Similar Servers
mcpo
Exposes Model Context Protocol (MCP) tools as OpenAPI-compatible HTTP servers.
mcp-omnisearch
Provides a unified interface for various search, AI response, content processing, and enhancement tools via Model Context Protocol (MCP).
x-twitter-mcp-server
An MCP server for interacting with Twitter (X) via AI tools, allowing natural language commands to fetch, post, search, and manage tweets and user data.
scrapi-mcp
This MCP server enables AI agents to scrape web pages and retrieve their content as HTML or Markdown, with advanced browser interaction capabilities.