moodle-mcp-server
by maldalur
Overview
Automate grading of Moodle submissions using AI, track student progress, and generate reports.
Installation
python src\main.pyEnvironment Variables
- MOODLE_URL
- TOKEN_MOODLE
- COURSE_LIST
- OLLAMA_HOST
- OLLAMA_MODEL
Security Notes
The `moodle_client.py`'s `download_file` and `_process_vpl_file_entry` functions are vulnerable to path traversal. If a malicious filename containing '..' (e.g., `../../etc/passwd`) is received from the Moodle API, it could lead to arbitrary file writes outside the intended 'downloads' directory. Additionally, while environment variables are used for sensitive API tokens, the `MOODLE_SERVICE_SETUP.md` document explicitly shows a token value, which is a common security risk if copied directly into production code. AI model output is parsed from JSON, which is generally safe, but if displayed on an unsanitized web interface, could lead to XSS (not directly applicable to this project's current output methods to Markdown files).
Similar Servers
MediaWiki-MCP-Server
An MCP server that enables Large Language Model (LLM) clients to interact with any MediaWiki wiki.
paddle-mcp-server
Provides LLMs and AI agents with tools for interacting with the Paddle Billing API to manage payments, subscriptions, and other billing-related entities.
llms
A centralized configuration and documentation management system for LLMs, providing tools for building skills, commands, agents, prompts, and managing MCP servers across multiple LLM providers.
cross-llm-mcp
Provides unified access to multiple Large Language Model APIs (ChatGPT, Claude, DeepSeek, Gemini, Grok, Kimi, Perplexity, Mistral) for AI coding environments, enabling intelligent model selection, preferences, and prompt logging.