mcp-dblp
Verified Safeby szeider
Overview
Provides Large Language Models (LLMs) with structured access to the DBLP computer science bibliography for searching publications, processing citations, and exporting BibTeX entries.
Installation
uvx mcp-dblpSecurity Notes
The primary security consideration is the `export_bibtex` tool, which allows writing BibTeX content to an arbitrary user-specified file path. While the content is controlled (BibTeX fetched directly from DBLP), an unconstrained LLM could potentially specify a sensitive file path (e.g., `/etc/passwd.bib`) leading to unintended file creation or overwrites, assuming the server's process has write permissions at that location. This risk needs to be managed by the calling environment or LLM through proper path sanitization. The `subprocess.Popen` usage in `src/mcp_dblp/tools.py` is for internal testing/tooling and does not execute arbitrary user commands. No `eval()` calls, hardcoded secrets, or other obvious arbitrary code execution vulnerabilities were found. External API calls to DBLP include timeouts and an identifying User-Agent.
Similar Servers
awesome-mcp-servers
A central directory for discovering and referencing various Model Context Protocol (MCP) servers, clients, and frameworks for AI agents.
mcp-server-infranodus
Integrates InfraNodus knowledge graph and text network analysis capabilities into LLM workflows and AI assistants for advanced text analysis, content gap detection, and SEO optimization.
mcp-server-weixin
Provides a service for AI systems to send templated messages to WeChat public account users.
Accurate-Cyber-Box-Alpha
Accurate-Cyber-Box is an advanced cybersecurity tool designed for penetration testing, cyber drills, real-time network monitoring, and incident response, integrated with MCP servers and Telegram for enhanced communication and control.