triliumnext-mcp
Verified Safeby tan-yong-sheng
Overview
Provides AI assistants with tools to interact with TriliumNext Notes instances, enabling automated knowledge management and content manipulation.
Installation
npx triliumnext-mcpEnvironment Variables
- TRILIUM_API_TOKEN
- TRILIUM_API_URL
- PERMISSIONS
- VERBOSE
Security Notes
The server employs Zod for robust runtime input validation across all tool parameters, which is a strong security measure against common injection attacks. Permission checks are granular for READ/WRITE operations. Update operations require an `expectedHash` to prevent concurrent modification conflicts, enhancing data integrity. Past challenges with file/image uploads led to their temporary disablement, which mitigates potential path traversal or arbitrary file access risks associated with `fileUri` handling. Re-enabling file uploads would require extremely rigorous path validation. The primary remaining risk is the `TRILIUM_API_TOKEN`, which grants full access to the TriliumNext instance; it must be securely managed in the environment.
Similar Servers
google-docs-mcp
Allows AI assistants to programmatically interact with Google Docs, Sheets, and Drive for document management, editing, formatting, and file organization.
obsidian-mcp-plugin
This plugin connects your Obsidian vault to AI assistants through MCP (Model Context Protocol), enabling them to understand and navigate your notes as a connected knowledge graph.
nextcloud-mcp-server
Transforms a Nextcloud instance into a semantic intelligence engine, providing AI agents and semantic search capabilities.
microcms-document-mcp-server
This server provides AI assistants access to microCMS documentation by searching and retrieving content from local Markdown files.