easygrade-canvaslms-mcp
Verified Safeby nagalikith
Overview
Automates routine tasks in Canvas LMS using an LLM agent.
Installation
python main.pyEnvironment Variables
- CANVAS_API_TOKEN
- CANVAS_DOMAIN
- FIREWORKS_API_KEY
Security Notes
The code uses environment variables for sensitive API keys (Canvas, Fireworks), which is good practice. Pydantic models are used for API arguments, providing some level of input validation against incorrect types. There's no explicit use of 'eval' or other highly dangerous functions. The `config.yaml` shows placeholders for API keys, which if used directly without environment variables, could lead to hardcoded secrets. The LLM-driven tool routing means that the security relies heavily on the LLM's adherence to the system prompt and the proper validation/sanitization of arguments before they are passed to the Canvas API client. While `smart_normalize_args` helps, it doesn't prevent semantically invalid inputs if the LLM misinterprets a command.
Similar Servers
mcpo
Exposes Model Context Protocol (MCP) tools as OpenAPI-compatible HTTP servers.
llms
A centralized configuration and documentation management system for LLMs, providing tools for building skills, commands, agents, prompts, and managing MCP servers across multiple LLM providers.
MUSTer_MCP
Automate interactions with M.U.S.T. (Macau University of Science and Technology) campus systems like Moodle and Wemust for tasks such as retrieving class schedules, listing courses, checking assignments and deadlines, downloading course materials, and opening authenticated web pages.
bb-applescript-mcp-server
Enables LLM clients to automate macOS applications using AppleScript, providing predefined tools for Finder and BBEdit, and supporting custom plugin development.