sleekcms-mcp-server
by sleekcms
Overview
A chatbot system that integrates with SleekCMS to provide AI-powered insights about website content and manage conversation context using the Model Context Protocol (MCP).
Installation
npm run devEnvironment Variables
- ANTHROPIC_API_KEY
- ANTHROPIC_MODEL
- PORT
Security Notes
The server has a critical Server-Side Request Forgery (SSRF) vulnerability. The `pubToken` input in the `/api/connect` endpoint can accept a full URL (`token.startsWith('http')`). If a URL is provided, the backend will attempt to `fetch` data from that arbitrary URL, making it possible for an attacker to probe internal networks, access cloud metadata services, or initiate requests to other unintended endpoints from the server's perspective. Additionally, the default CORS configuration (`app.use(cors())`) allows all origins, which is acceptable for local development but constitutes a security risk in a production environment without explicit origin restrictions.
Similar Servers
brand-assets-ecosystem
Manages, tests, and documents brand assets and related integrations within a web-based ecosystem, potentially leveraging AI and Netlify deployment.
wp-content-mcp
Manages WordPress posts and pages, providing tools for content creation, updates, deletion, and advanced operations like scheduling and bulk editing.
common-mcp-server
Provides a reusable framework for building HTTP Model Context Protocol (MCP) servers with FastAPI, supporting OAuth 2.1 and Personal Access Token (PAT) authentication.
codesona-mcp-server
The Codesona MCP Server provides team coding standards via stdio transport to AI assistants in IDEs, fetching rules from the Codesona API and supporting rule suggestion.