
money-manager-mcp

by shahlaukik

Overview

Enables AI assistants to manage personal finances through the Realbyte Money Manager application's web server.

Installation

Run Command
npx money-manager-mcp@latest --baseUrl http://YOUR_PHONE_IP:PORT

Environment Variables

  • MONEY_MANAGER_BASE_URL
  • MONEY_MANAGER_TIMEOUT
  • MONEY_MANAGER_RETRY_COUNT
  • MONEY_MANAGER_LOG_LEVEL
  • MONEY_MANAGER_SESSION_PERSIST

Security Notes

CRITICAL VULNERABILITY: `src/client/http-client.ts` parses API responses with ``new Function(`return (${responseText});`)`` (line 314). This is equivalent to `eval()` and constitutes a Remote Code Execution (RCE) vulnerability. `responseText` comes from the external 'Realbyte Money Manager application's web server'; if that server is compromised or returns malicious JavaScript, this MCP server will execute it on the host machine. The developer states 'This is safe because we're only evaluating data from our known API', but that assumption introduces a significant attack vector.

Additional risks: the file operations (`downloadFile`, `uploadFile`, `summary_export_excel`) take `outputPath` or `filePath` as arguments. If an attacker can manipulate the AI's input (e.g., via prompt injection), they could potentially cause arbitrary file writes or reads on the server's host machine.

The dangerous `backup_download` and `backup_restore` tools are explicitly disabled in `src/index.ts`, which is a positive security decision.
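The `new Function` parsing risk described in the note above, as an added example (not code from the money-manager-mcp project): it contrasts that pattern with a data-only `JSON.parse` path on constructed responses. The function names, the sample responses and the assumption that the API returns valid JSON are hypothetical.

```javascript
// Added example: helper names are hypothetical, sample responses are constructed.

// The pattern the note describes: the response body is compiled and run as JavaScript.
function parseWithFunction(responseText) {
  return new Function(`return (${responseText});`)();
}

// Data-only alternative: JSON.parse never evaluates expressions, so a body
// that is not pure JSON is rejected instead of executed.
function parseStrict(responseText, maxLength = 1000000) {
  if (typeof responseText !== "string" || responseText.length > maxLength) {
    return { ok: false, error: "response missing or too large" };
  }
  let value;
  try {
    value = JSON.parse(responseText);
  } catch (err) {
    return { ok: false, error: "response is not valid JSON" };
  }
  // Assumption: a valid API payload is always an object or an array.
  if (value === null || typeof value !== "object") {
    return { ok: false, error: "unexpected top-level type" };
  }
  return { ok: true, value };
}

// Constructed response bodies: one plain JSON, one carrying an expression
// whose only effect is to set a harmless marker on globalThis.
const BENIGN = '{"accounts":[{"name":"Cash","balance":120.5}]}';
const WITH_CODE = '(globalThis.__demoSideEffect = "executed", {"accounts":[]})';

// Runs both parsers and reports whether the embedded expression was evaluated.
function compareParsers() {
  delete globalThis.__demoSideEffect;
  const strictBenign = parseStrict(BENIGN);
  const strictCode = parseStrict(WITH_CODE);
  const ranAfterStrict = "__demoSideEffect" in globalThis;
  const legacyValue = parseWithFunction(WITH_CODE);
  const ranAfterLegacy = globalThis.__demoSideEffect === "executed";
  delete globalThis.__demoSideEffect;
  return { strictBenign, strictCode, ranAfterStrict, legacyValue, ranAfterLegacy };
}
```

If the upstream responses turn out not to be strict JSON, the fix is a dedicated data-only parser for that format rather than a return to evaluating the body.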

Stats

  • Interest Score: 0
  • Security Score: 3
  • Cost Class: Medium
  • Avg Tokens: 750
  • Stars: 0
  • Forks: 0
  • Last Update: 2025-12-02

Tags

  • financial management
  • AI assistant
  • personal finance
  • MCP
  • API integration