pdp-mcp
Verified Safeby jpmorgan-payments
Overview
Provides an AI agent with tools to search, read, and find related documentation for JPMorgan Chase Payments Developer Portal APIs.
Installation
python -m jpmc.mcp_for_api_documentation.serverEnvironment Variables
- FASTMCP_LOG_LEVEL
- HTTP_PROXY
- HTTPS_PROXY
Security Notes
The MCP server codebase (Python files) generally follows good security practices: URL validation is enforced for `read_documentation` and `related` tools to prevent Server-Side Request Forgery (SSRF) by ensuring URLs are from the expected JPMC domain. `httpx` is used for network requests, and environment variables are used for proxy configuration. HTML parsing utilizes `BeautifulSoup`, which is robust against malformed HTML. No direct use of `eval`, `os.system`, or `subprocess.run(shell=True)` was found in the server's Python code. No hardcoded secrets were identified. The `metrics/merge.sh` script, while present in the repository, is located in a separate `metrics` directory and is not part of the core MCP server's runtime logic, hence its file handling operations are not assessed as a security risk for the server itself.
Similar Servers
mcp-servers
A curated collection of Model Context Protocol (MCP) server configurations to integrate various developer tools and services with AI agents.
jentic-sdks
The Jentic MCP Plugin enables AI-agent builders to discover, load, and execute external APIs and workflows via the Model Configuration Protocol (MCP), generating LLM-compatible tool definitions.
mcp-server-nodejs-api-docs
Provides up-to-date Node.js API documentation and release schedule information as a service via the Model Context Protocol.
lyra-tool-discovery
This MCP server is designed to fetch, parse, and organize documentation from websites implementing the llms.txt standard. It transforms raw documentation into structured, agent-ready formats, exposing tools for AI agents, LLMs, and automation workflows to consume documentation programmatically.