ihale-mcp
by saidsurucu
Overview
Provides an MCP server to access Turkish public tender data (EKAP v2) and official government announcements (ilan.gov.tr) for LLM applications and other clients.
Installation
uvx --from git+https://github.com/saidsurucu/ihale-mcp ihale-mcpSecurity Notes
The `ihale_client.py` explicitly disables SSL certificate verification (`ssl_context.check_hostname = False`, `ssl_context.verify_mode = ssl.CERT_NONE`) for HTTP requests to EKAP. This is a critical security vulnerability, making the client susceptible to Man-in-the-Middle (MitM) attacks where an attacker could intercept or tamper with communication. It also attempts 'warm-up' requests to obtain session cookies, which combined with disabled SSL verification, amplifies risks. There are no obvious hardcoded secrets, obfuscation, or other malicious patterns in the provided code, but the SSL issue is severe.
Similar Servers
yargi-mcp
Provides LLM applications programmatic access to various Turkish legal sources (Court of Cassation, Council of State, Constitutional Court, etc.) for legal research, decision searching, and document retrieval.
mcp-tavily
Provides AI-powered web search, answer generation, and news search capabilities to LLMs via the Tavily API for research, fact-finding, and gathering detailed information.
datagouv-mcp
The data.gouv.fr MCP server enables AI chatbots to search, explore, and analyze datasets from the French national Open Data platform directly through conversation.
Riksdag-Regering-MCP
Enables LLMs to query and retrieve real-time open data, documents, protocols, and records from the Swedish Parliament (Riksdagen) and Government Offices (Regeringskansliet).