nestr-mcp
Verified Safeby nestr-dev
Overview
Connects AI assistants to Nestr workspaces, enabling them to manage tasks, projects, organizational structures, and retrieve insights.
Installation
npx -y @nestr/mcpEnvironment Variables
- NESTR_API_KEY
- NESTR_OAUTH_TOKEN
- NESTR_API_BASE
- NESTR_OAUTH_CLIENT_ID
- NESTR_OAUTH_CLIENT_SECRET
- MCP_RESOURCE_URL
- PORT
- OAUTH_STORAGE_DIR
Security Notes
The server implements robust security measures including explicit environment variable usage for API keys/OAuth tokens, proper input validation (using Zod schemas), and HTML escaping for error messages to prevent XSS. It handles OAuth with PKCE verification by proxying to Nestr, adding an important security layer. Session management relies on MCP client termination or server shutdown for cleanup, but `oauth/storage.ts` includes a periodic cleanup for pending auth requests. No `eval` or blatant obfuscation detected. Dynamic client registration, while a standard OAuth feature, always carries inherent risks that appear well-mitigated through validation.
Similar Servers
mesh
An open-source control plane for Model Context Protocol (MCP) traffic, providing unified authentication, routing, observability, and tool management for AI agents and integrations across various services.
plane-mcp-server
Provides AI agents with tools to interact with Plane APIs for project and work item management.
nextcloud-mcp-server
Transforms a Nextcloud instance into a semantic intelligence engine, providing AI agents and semantic search capabilities.
mcp-kubernetes
Enables AI assistants to interact with and debug Kubernetes clusters by translating natural language requests into Kubernetes operations.