joan-mcp
Verified Safeby pollychrome
Overview
Enables AI assistants to interact with and manage projects, tasks, goals, milestones, and notes within the Joan productivity app.
Installation
npx @pollychrome/joan-mcp serveEnvironment Variables
- JOAN_AUTH_TOKEN
- JOAN_API_URL
Security Notes
The server uses strong cryptographic methods (AES-256-GCM, scryptSync) for local authentication token storage and restricts file permissions (0o600). OAuth is used for authentication via a local HTTP callback server, which is well-controlled and times out. Usage of `child_process.spawn` for opening the browser and configuring Claude CLI is for hardcoded commands or locally-derived URLs, reducing the risk of arbitrary command injection. JWT parsing is used only for expiration checks and email extraction, not for authentication verification, which relies on the backend API call. No direct `eval` or blatant obfuscation detected.
Similar Servers
conductor-tasks
Conductor Tasks acts as an intelligent AI-powered assistant for developers, streamlining the entire development lifecycle from task generation and planning (parsing PRDs, expanding tasks, generating implementation steps) to execution and code modification (generating diffs). It provides visual task management, integrates with various IDEs, and leverages multiple LLM providers for optimal results and cost efficiency.
mcp-todoist
Connects Claude with Todoist for comprehensive task and project management through natural language, acting as an AI assistant for productivity.
gsd-task-manager
A local-first, privacy-focused task manager that integrates with AI assistants (like Claude Desktop) for natural language task creation, management, and analysis using the Eisenhower Matrix.
claude-code-buddy
An intelligent AI Agent orchestration system for Claude Code, focusing on smart task routing, prompt enhancement, project memory, workflow guidance, and planning, presented via a real-time terminal UI dashboard.