ihale-mcp
by saidsurucu
Overview
Provides an MCP server to access Turkish public tender data (EKAP v2) and official government announcements (ilan.gov.tr) for LLM applications and other clients.
Installation
uvx --from git+https://github.com/saidsurucu/ihale-mcp ihale-mcpSecurity Notes
The `ihale_client.py` explicitly disables SSL certificate verification (`ssl_context.check_hostname = False`, `ssl_context.verify_mode = ssl.CERT_NONE`) for HTTP requests to EKAP. This is a critical security vulnerability, making the client susceptible to Man-in-the-Middle (MitM) attacks where an attacker could intercept or tamper with communication. It also attempts 'warm-up' requests to obtain session cookies, which combined with disabled SSL verification, amplifies risks. There are no obvious hardcoded secrets, obfuscation, or other malicious patterns in the provided code, but the SSL issue is severe.
Similar Servers
yargi-mcp
Provides programmatic access to various Turkish legal databases (e.g., Yargıtay, Danıştay, Constitutional Court) as a Model Context Protocol (MCP) server for integration with Large Language Model (LLM) applications like Claude AI.
kindly-web-search-mcp-server
Provides web search with robust, LLM-optimized content retrieval from various sources (StackExchange, GitHub, Wikipedia, arXiv, and general webpages) for AI coding assistants.
datagouv-mcp
An MCP server enabling AI chatbots to search, explore, and analyze datasets from data.gouv.fr, the French national Open Data platform.
Riksdag-Regering-MCP
Enables LLMs to query and retrieve real-time open data, documents, protocols, and records from the Swedish Parliament (Riksdagen) and Government Offices (Regeringskansliet).