WeDaka-MCP
by keith-hung
Overview
This MCP server provides an interface for an AI agent to interact with an employee time-tracking and clock-in/out system (WeDaka).
Installation
npx -y git+https://github.com/keith-hung/WeDaka-MCP.gitEnvironment Variables
- WEDAKA_API_URL
- WEDAKA_USERNAME
- WEDAKA_DEVICE_ID
- WEDAKA_EMP_NO
Security Notes
CRITICAL RISK: The `WedakaApiClient` explicitly disables SSL certificate validation (`rejectUnauthorized: false`) when making HTTPS requests. This makes all communications with the `WEDAKA_API_URL` vulnerable to Man-in-the-Middle (MITM) attacks, allowing attackers to intercept, read, or alter sensitive employee data. While noted 'as per API spec', this is a severe security flaw in either the API design or its integration. The server relies heavily on environment variables for authentication (`WEDAKA_USERNAME`, `WEDAKA_DEVICE_ID`, `WEDAKA_EMP_NO`), which is a standard practice but requires secure handling of these variables in the deployment environment. The `DEBUG_API` flag can expose raw API responses if enabled in production, which is a minor concern.
Similar Servers
mcp-server-typescript
Provides a Model Context Protocol (MCP) server to enable AI assistants to access DataForSEO's SEO data APIs through a standardized interface.
frontmcp
The CodeCall plugin provides AgentScript-based meta-tools for orchestrating MCP tools, enabling programmatic discovery, description, execution, and invocation of server capabilities within a sandboxed JavaScript environment.
mcp-typescript-template
This project provides a foundational TypeScript template for developing remote Model Context Protocol (MCP) servers with robust tooling and best practices.
tempo-mcp-server
Manages Tempo worklogs in Jira via a Model Context Protocol (MCP) server, allowing time tracking and worklog operations through MCP-compatible clients.