product-usage-data-mcp-server
Verified Safeby panigrahyvivek
Overview
Provides an Express.js API and an MCP server for AI-driven analysis of product usage data stored in CSV files using Google Gemini.
Installation
node index.jsEnvironment Variables
- GOOGLE_API_KEY
Security Notes
The AI analysis endpoint is vulnerable to prompt injection as user input is directly interpolated into the LLM context. The file upload (`multer`) and delete endpoints use `file.originalname` and `req.params.name` respectively, which, while `path.join` helps mitigate basic path traversal, could still be problematic if filenames are not rigorously sanitized for characters beyond simple names. Additionally, the `data` directory, where uploaded files reside, is served statically, meaning any uploaded file can be publicly accessed.
Similar Servers
gemini-mcp-tool
A Model Context Protocol (MCP) server that enables AI assistants to interact with the Google Gemini CLI for comprehensive code and file analysis, structured edit suggestions, and creative brainstorming.
gemini-mcp-server
An MCP server providing a suite of 7 AI-powered tools (Image Gen/Edit, Chat, Audio Transcribe, Code Execute, Video/Image Analysis) powered by Google Gemini, featuring a self-learning "Smart Tool Intelligence" system for prompt enhancement and user preference adaptation.
nanobanana-api-mcp
An MCP server providing image generation and editing capabilities via the Google Gemini API, integrable with various AI coding assistants and IDEs.
mcp-gemini-prompt-enhancer
A Model Context Protocol (MCP) server that provides a prompt optimization service for Large Language Models (LLMs) using Google Gemini, with advanced prompt engineering support and automatic PDF asset management.