feed-mcp
Verified Safeby richardwooding
Overview
Integrate RSS, Atom, and JSON feeds directly into Claude Desktop conversations for news reading and content analysis.
Installation
docker run -i --rm ghcr.io/richardwooding/feed-mcp:latest run https://techcrunch.com/feed/ https://www.theverge.com/rss/index.xmlEnvironment Variables
- FEED_MCP_DEBUG
- FEED_MCP_LOG_LEVEL
- FEED_MCP_JSON_LOGS
Security Notes
The server includes robust URL validation (scheme, private IP blocking) and a custom `FuzzValidateFeedURL` test to prevent Server-Side Request Forgery (SSRF) attacks. It uses the `gofeed` library for feed parsing, which is generally secure against common XML parsing vulnerabilities. The `fetch_link` tool and image embedding feature expand the attack surface by performing arbitrary HTTP requests, but these are mitigated by the extensive URL validation and built-in circuit breakers/timeouts. OPML parsing is handled, and fuzz tests explicitly address XML vulnerabilities (e.g., XXE). The design prioritizes security-by-default with explicit opt-in for less secure options (e.g., `--allow-private-ips`). No hardcoded secrets or malicious patterns were identified in the truncated source.
Similar Servers
mcp-server-salesforce
Integrates Claude with Salesforce for natural language interactions with Salesforce data and metadata.
mcp-claude-hackernews
Provides Claude Desktop with tools to browse and interact with Hacker News stories and comments.
cldcde
A persistent context manager that scrapes, stores, searches, and analyzes AI conversations from various platforms (ChatGPT, Grok, Gemini, Claude) to support project development and insights.
MCP-News-Server
An MCP-based server for aggregating, summarizing, and analyzing news from various Turkish news sources.