asher-mcp
Verified Safeby shlomiuziel
Overview
A secure, local-first financial data aggregator for Israeli banks and credit card companies, providing an MCP server interface for AI hosts to analyze transactions.
Installation
tsx src/mcp/Server.tsEnvironment Variables
- DATABASE_URL
- DB_HOST
- DB_PORT
- DB_NAME
- DB_USER
- DB_PASSWORD
- DB_SSL
Security Notes
The project implements strong security practices including local-first data storage, encryption at rest for sensitive data (using better-sqlite3-multiple-ciphers), runtime encryption key prompting (key not stored on disk), and strict file permissions (chmod 600) for the SQLite database. SQL SELECT queries from MCP hosts are validated to prevent injection and restrict access to allowed tables. The primary remaining risks are inherent to banking scrapers (reliance on israeli-bank-scrapers library, potential for account lockout if scrapers fail, security of the initial credentials.json file, and the user's secure management of their encryption key). No 'eval' or malicious patterns were found.
Similar Servers
finance-trading-ai-agents-mcp
A specialized MCP server for financial analysis and quantitative trading, designed to deploy local financial MCP services with a departmental architecture for LLM integration and algorithmic trading.
kukapay-mcp-servers
Aggregates real-time cryptocurrency and blockchain data for AI agents and developers, spanning DeFi, trading, market analytics, and Web3 services.
mcp-sanitizer
Provides a comprehensive security sanitization library and example implementations for Model Context Protocol (MCP) servers and general Node.js applications.
copilot-money-mcp
The Copilot Money MCP Server enables AI-powered queries of personal financial data by reading locally cached Copilot Money data.