MCP-SERVER
by sanketshivale
Overview
Provides an API to query a local file-based JSON database via the Model Context Protocol, exposing data retrieval and filtering tools.
Installation
node mcp-server.jsSecurity Notes
The server directly accesses properties of the loaded JSON database object using user-provided 'table' and 'field' values (e.g., db[table], r[field]). While inputSchema is defined for these tools, the handler functions themselves do not perform explicit sanitization or restrictive type checking on these inputs. If an attacker can provide values like '__proto__' or 'constructor' for 'table' or 'field' (e.g., by bypassing or exploiting a flaw in the Model Context Protocol SDK's input validation), it could potentially lead to prototype pollution, arbitrary object property manipulation, or unexpected behavior. This poses a significant security risk if the server is exposed to untrusted input without robust external validation. Additionally, the server reads the entire 'db.json' file on every tool call, which could be a performance bottleneck for large files.
Similar Servers
tiger-gh-mcp-server
Provides a set of focused tools to Large Language Models (LLMs) for interacting with the GitHub API, enabling capabilities like fetching issues, pull requests, commits, releases, and searching code within a specified organization.
oncp-mcp-server
Hosts an MCP-compatible SSE server for LLM clients to trigger and monitor automated resolution jobs via a downstream FastAPI service.
MCP-SERVER
Provides a backend server for a specific application or service using Node.js.
MCP-Server
Provides a WebSocket-based JSON-RPC server for exposing and invoking defined 'tools,' primarily intended for integration with AI models or agents.