product-usage-data-mcp-server
Verified Safeby panigrahyvivek
Overview
Provides an Express.js API and an MCP server for AI-driven analysis of product usage data stored in CSV files using Google Gemini.
Installation
node index.jsEnvironment Variables
- GOOGLE_API_KEY
Security Notes
The AI analysis endpoint is vulnerable to prompt injection as user input is directly interpolated into the LLM context. The file upload (`multer`) and delete endpoints use `file.originalname` and `req.params.name` respectively, which, while `path.join` helps mitigate basic path traversal, could still be problematic if filenames are not rigorously sanitized for characters beyond simple names. Additionally, the `data` directory, where uploaded files reside, is served statically, meaning any uploaded file can be publicly accessed.
Similar Servers
gemini-mcp-server
An MCP server providing a suite of 7 AI-powered tools (Image Gen/Edit, Chat, Audio Transcribe, Code Execute, Video/Image Analysis) powered by Google Gemini, featuring a self-learning "Smart Tool Intelligence" system for prompt enhancement and user preference adaptation.
nanobanana-api-mcp
An MCP server providing image generation and editing capabilities via the Google Gemini API, integrable with various AI coding assistants and IDEs.
GeminiMCP
Integrate Google's Gemini API for AI-powered tasks and search with Model Control Protocol (MCP) clients, focusing on developer-centric features like code analysis and context handling.
mcp
Integrate Google Gemini API features (text generation, chat, image analysis, web search, embeddings, image/video generation) into a Model Context Protocol (MCP) server for local or remote AI client applications.