tripo-ai-mcp-server
by pasie15
Overview
Facilitate AI assistant interaction with Tripo3D AI API for 3D model generation, animation, and stylization.
Installation
tripo-ai-mcp-serverEnvironment Variables
- TRIPO_API_SECRET
Security Notes
CRITICAL VULNERABILITY: The `upload_file` tool (and implicitly `image_to_3d`, `multiview_to_3d` which auto-upload local files) accepts a `file_path` (or `image_path`, `files[].path`) directly from the AI model's arguments. This path is then used without sanitization or restriction in `fs.createReadStream()`. An attacker controlling the AI model's input could exploit this to perform an Arbitrary File Read (CWE-22), exfiltrating sensitive files (e.g., `/etc/passwd`, environment variables, API keys if stored on disk) from the server's host system. This is a severe security risk.
Similar Servers
mcp-trino
Enables AI assistants to interact with Trino's distributed SQL query engine for data analytics through a standardized Model Context Protocol (MCP) server.
MCP-Agent
An autonomous AI agent designed to discover, connect to, and utilize tools and resources from various Model Context Protocol (MCP) servers to accomplish tasks.
openapi-mcp-server
Converts OpenAPI specifications into Model Context Protocol (MCP) tools, enabling AI assistants to interact with APIs.
threlte-mcp
Enables AI agents to inspect and manipulate Three.js/Threlte 3D scenes in real-time, facilitating debugging, asset optimization, and cinematic tooling.