photons
by portel-dev
Overview
Photons are single-file TypeScript MCP servers designed to supercharge AI assistants with focused capabilities, providing a marketplace of tools for various domains like file operations, cloud integrations, and database management.
Installation
photon mcp <photon-name>Environment Variables
- MONGO_D_B_URI
- MONGO_D_B_DATABASE
- POSTGRE_S_Q_L_DATABASE
- POSTGRE_S_Q_L_USER
- POSTGRE_S_Q_L_PASSWORD
- GOOGLE_CALENDAR_CLIENTID
- GOOGLE_CALENDAR_CLIENTSECRET
- GOOGLE_CALENDAR_REFRESHTOKEN
- SLACK_TOKEN
- AWS_S3_ACCESSKEYID
- AWS_S3_SECRETACCESSKEY
- GIT_HUB_ISSUES_TOKEN
- JIRA_HOST
- JIRA_EMAIL
- JIRA_APITOKEN
- EMAIL_SMTPHOST
- EMAIL_SMTPUSER
- EMAIL_SMTPPASSWORD
Security Notes
The 'math.photon.ts' file uses 'new Function()' to evaluate mathematical expressions (`new Function(...Object.keys(allowed), `return (${expr})`)`). If the 'expression' parameter is supplied by an untrusted source (like an AI, which should always be considered untrusted), this allows for arbitrary code execution with the permissions of the running Photon server. This is a critical security vulnerability. Other photons implement good practices like path validation for filesystem operations and rely on environment variables for sensitive credentials, which is generally secure. However, the presence of 'new Function' makes the overall collection unsafe if the 'math' photon is exposed to untrusted input.
Similar Servers
mcp-servers
An MCP server for fetching, cleaning, and intelligently extracting content from web pages, designed for agent-building frameworks.
ncp
A unified Model Context Protocol (MCP) orchestrator that enables semantic tool discovery, management, scheduling, and execution across a diverse ecosystem of connected AI tools and services.
mmcp
Manages Model Context Protocol (MCP) server definitions in a central configuration and applies them to various AI agent tools.
MCP-Agent
An AI agent for discovering, connecting to, and interacting with Model Context Protocol (MCP) servers and their provided tools, resources, and prompts.