minimal_sushi_mcp_server_2025
by masaomi
Overview
Submit SUSHI bioinformatics jobs from Cursor/Claude via an MCP server, supporting new datasets and existing ones.
Installation
/home/masaomi/.conda/envs/mcp_server_py3.10/bin/python /srv/sushi/masa_test_sushi_20251002/minimal_sushi_mcp_server_2025/server.pyEnvironment Variables
- SUSHI_ROOT
Security Notes
The server constructs a shell command string using user-provided inputs like 'dataset_name' and 'next_dataset_name' and then executes it via `bash -c`. This pattern is highly vulnerable to shell injection if an attacker (or a compromised LLM) provides malicious input (e.g., `dataset_name='my_data; rm -rf /'`), allowing arbitrary commands to be executed on the host system. Input validation on `app_class`, `project`, and `dataset_id` helps, but string-based inputs are not sufficiently sanitized. Authentication is explicitly omitted for PoC purposes, further increasing risk in a non-PoC scenario.
Similar Servers
mcp-manager
A web GUI to easily manage and configure Model Context Protocol (MCP) servers for the Claude Desktop app on MacOS, generating terminal commands for installation and setup.
deepl-mcp-server
This server provides translation and rephrasing capabilities using the DeepL API, integrated as a Model Context Protocol (MCP) tool for AI clients.
mcp-install-instructions-generator
A tool that generates installation instructions for integrating various AI/coding clients with a Model Context Protocol (MCP) server.
claude-faf-mcp
Provides AI-optimized context for software projects to large language models, enhancing collaboration and project understanding via 50+ specialized tools within Claude Desktop workflows.