wecom-bot-mcp-server
Verified Safeby loonghao
Overview
An MCP server that enables AI assistants to send various message types, files, and images to WeCom (WeChat Work) groups, supporting single or multiple bot configurations.
Installation
uvx wecom-bot-mcp-serverEnvironment Variables
- WECOM_WEBHOOK_URL
- WECOM_BOTS
- WECOM_BOT_<NAME>_URL
- MCP_LOG_LEVEL
- MCP_LOG_FILE
Security Notes
The server demonstrates good security practices: - Webhook URLs are validated to start with 'http://' or 'https://'. - Environment variables are used for sensitive information (webhook URLs), preventing hardcoding. - Image downloads from URLs validate HTTP status and content type, mitigating some risks related to fetching arbitrary content. - File operations check for file existence and type before processing. - Temporary files are used for downloaded images. - Relies on 'notify-bridge' for actual WeCom API interaction, delegating external API security concerns. - No obvious use of 'eval', 'exec', or other direct code execution from untrusted input was found in the provided source.
Similar Servers
hyper-mcp
A fast, secure Model Context Protocol (MCP) server that extends its capabilities through WebAssembly plugins, enabling AI agents to access tools, resources, and prompts.
tmcp
A server implementation for the Model Context Protocol (MCP) to enable LLMs to access external context and tools.
context-engineering
Provides a Model Context Protocol (MCP) server that enables AI agents to control a web browser using Selenium for web automation tasks.
mcp-notify
A Model Context Protocol (MCP) server designed to send messages and notifications across various platforms like WeWork, DingTalk, Telegram, Lark, Home Assistant, Bark, Ntfy, and PushPlus.