SearchAndApplyJobs
Verified Safeby naveenkshyam
Overview
A Model Context Protocol (MCP) server designed to help with job applications by searching jobs across multiple sites, analyzing job postings, and optimizing resumes and cover letters.
Installation
python main.pySecurity Notes
The server uses `read_file`, `read_resume_pdf`, `read_document`, and `save_cover_letter` functions that take user-provided file paths. If the MCP server is exposed to untrusted external input (e.g., via an LLM generating arbitrary paths), this could lead to directory traversal or unauthorized file system access (read/write). The `scrape_job_posting` tool takes an arbitrary URL, which could be exploited for Server-Side Request Forgery (SSRF) if the URL is not validated. The `ddgs` library performs external network requests, which can be a network risk if not contained. The hardcoded date filter in `search_jobs` (`after:2024-11-01`) is a functional issue, not a security one.
Similar Servers
mcp-omnisearch
Provides a unified interface for various search, AI response, content processing, and enhancement tools via Model Context Protocol (MCP).
mcp-server
Provides a Model Context Protocol (MCP) server for AI agents to search and retrieve curated documentation for the Strands Agents framework, facilitating AI coding assistance.
mcp-mcp
Discovers and suggests other Model Context Protocol (MCP) servers to AI assistants based on natural language queries, returning their full documentation.
tenets
Provides intelligent, token-optimized code context and automatically injects guiding principles to AI coding assistants for enhanced understanding and consistent interactions.