hue
by kungfusheep
Overview
Controls Philips Hue lights and smart home devices via CLI or as a Model Context Protocol (MCP) server for AI agents.
Installation
./hueEnvironment Variables
- HUE_BRIDGE_IP
- HUE_USERNAME
Security Notes
CRITICAL: The application's HTTP client explicitly sets `InsecureSkipVerify: true` for TLS configurations when connecting to the Hue Bridge. This bypasses all certificate validation, rendering the HTTPS connection vulnerable to Man-in-the-Middle (MITM) attacks. While this might simplify local network setup, it creates a severe security risk that could allow an attacker to intercept or alter communication with the Hue Bridge. This flaw fundamentally undermines the security of data transmitted over the network. Other aspects, such as using environment variables for sensitive keys and internal parsing of commands, demonstrate good practice and mitigate common injection vulnerabilities, but the TLS bypass is a critical vulnerability.
Similar Servers
ha-mcp
Provides AI agents with complete control over Home Assistant via REST and WebSocket APIs, offering a comprehensive suite of tools for smart home management, automation, and debugging.
advanced-homeassistant-mcp
A powerful, secure, and extensible Model Context Protocol (MCP) server that enables AI assistants like Claude, GPT, and Cursor to seamlessly interact with Home Assistant. Control your lights, climate, automations, and more through natural language commands.
mqtt-mcp
Connects LLM agents to MQTT devices for real-time monitoring and control in smart home, building automation, and industrial control systems.
Govee-MCP
Controls Govee smart lights via natural language commands using an MCP-compatible AI assistant.