finance_mcp
Verified Safeby ryar001
Overview
Provides structured financial statements (Income Statement, Balance Sheet, Cash Flow) from public companies for consumption by LLMs via an MCP server.
Installation
uvx finance-mcp-freeEnvironment Variables
- GEMINI_API_KEY
- GOOGLE_APPLICATION_CREDENTIALS
Security Notes
The server primarily uses the `yfinance` library to scrape data from Yahoo Finance, which carries a note in the README about respecting Yahoo Finance's terms of service. There are no explicit `eval` or direct code injection vulnerabilities observed. The logging configuration includes async handlers which is good. Firestore integration is present but not actively used for core data retrieval by the MCP tools. While `GEMINI_API_KEY` is referenced in documentation, the current implementation bypasses LLM for data fetching, thus reducing direct exposure to potential LLM-related prompt injection risks from this component. The server runs as a local process and communicates via standard I/O for MCP, which generally limits direct network exposure.
Similar Servers
planet-mcp
A Python-based project or service, likely related to development or build automation, given the tooling present.
mcp-servers
A foundational Python project providing basic components and utilities for building modular server-like applications.
finance_mcp
Provides structured financial statements (Income Statement, Balance Sheet, Cash Flow) from public companies for consumption by LLMs via an MCP server.
mcp-explorer
A web application for testing and exploring Model Context Protocol (MCP) servers by acting as an API gateway for tool execution.