dharma_mcp_service
Verified Safeby samcorl
Overview
The Dharma MCP Service provides Model Context Protocol (MCP) tools for fiber arts agents to help customers with product recommendations, compatibility checking, and project guidance.
Installation
./deploy.shEnvironment Variables
- MYSQL_PASSWORD
- MYSQL_ROOT_PASSWORD
- RAILS_MASTER_KEY
Security Notes
The server follows standard Rails security practices, using environment variables for sensitive credentials (MYSQL_PASSWORD, RAILS_MASTER_KEY). SQL queries in the `McpController` use ActiveRecord's parameterized `where` clauses (e.g., `ILIKE ?`), which properly escapes input and mitigates SQL injection risks. No direct `eval` or blatant obfuscation was found. The `AgentGuidance` feature's condition matching is noted as 'simple' in a comment, suggesting it could be more robust, but this is a functional limitation rather than a direct security vulnerability. Overall, it appears safe for its intended purpose.
Similar Servers
dbt-mcp
Provides a Model Context Protocol (MCP) server that exposes various dbt-related functionalities (CLI, Semantic Layer, Discovery, Admin API, Code Generation, LSP) as tools for AI agents to interact with dbt projects in Core, Fusion, and Platform environments.
mcp-reference-server
Standardize and manage fulfillment operations for AI agents by providing a universal interface to various fulfillment systems.
mcp-marketplace
A comprehensive AI agent framework that facilitates tool orchestration and access to a marketplace of MCP (Model Context Protocol) servers, offering a web-based client for chat, administration, and benchmarking.
noteit-mcp
Provides an HTTP Model Context Protocol (MCP) server for AI coding tools to access structured agent profiles and personalized notes, enhancing AI development workflows.