lumin-mcp-server
by luminpdf
Overview
Enables AI assistants to manage documents, send signature requests, retrieve workspace details, and generate PDFs using Lumin's API services.
Installation
node build/stdio.jsEnvironment Variables
- LUMIN_API_KEY
- LUMIN_API_URL
Security Notes
When run locally (via `node build/stdio.js`), the `upload_file_to_lumin` and `send_signature_request_on_lumin` tools expose a `path` parameter that is directly used with `node:fs.readFileSync` without validation. This allows the server to read arbitrary local files if the AI assistant is prompted to provide a malicious path (e.g., directory traversal `../../../etc/passwd`), leading to critical local file exfiltration vulnerabilities. API keys are handled securely via environment variables or user configuration, not hardcoded.
Similar Servers
google-docs-mcp
Allows AI assistants to programmatically interact with Google Docs, Sheets, and Drive for document management, editing, formatting, and file organization.
mcp-servers
An MCP server for managing files in Google Cloud Storage, supporting CRUD operations (save, get, search, delete) and exposing files as resources.
pdflens-mcp
This MCP server provides tools for reading and extracting information from PDF files, including text and images, designed for AI clients.
mq-mcp
Acts as a Model Context Protocol (MCP) server for AI assistants, enabling them to query and process Markdown and HTML content using the mq query language.