dflow-mcp
Verified Safeby openSVM
Overview
Provides a Model Context Protocol (MCP) interface to access real-time and historical prediction market data from Kalshi/DFlow.
Installation
bun run src/index.tsSecurity Notes
The server acts as a proxy for an external API. It utilizes robust JSON schema validation for all tool inputs, preventing common injection vulnerabilities. URL construction in the API client is safe, concatenating a fixed base URL with validated paths, mitigating SSRF risks. There are no direct usages of dangerous functions like `eval` or `child_process.exec` with user-controlled input in the main server logic. CORS headers are configured for public access in the Netlify deployment. The `generateCandlestickChart` function (present in the Netlify function but not `src/index.ts`) is safe, transforming numeric data into ASCII art within bounded dimensions. Overall, the implementation is solid for its purpose as a data proxy.
Similar Servers
Financial-Modeling-Prep-MCP-Server
Enables AI assistants to access and analyze comprehensive financial data, stock information, company fundamentals, and market insights from Financial Modeling Prep.
alpha_vantage_mcp
Enables LLMs and agentic workflows to seamlessly interact with real-time and historical stock market data through the Model Context Protocol (MCP).
polymarket-mcp
Integrate Polymarket prediction market data into external applications, particularly AI agents like Claude Desktop, providing real-time market insights and tools.
prediction-market-mcp
Provides real-time prediction market data from Polymarket, PredictIt, and Kalshi for AI coding environments.