python-mcp-server

by tejas-borate-wai

Overview

A dual-mode server (MCP protocol and REST API) providing LLMs and applications with tools for SQL database operations, weather information, file management, web requests, and system diagnostics.

Installation

Run Command
uv run mcp-api

Security Notes

The server has critical security risks. The `read_file` and `write_file` tools allow arbitrary file system access (read/write to any path the server process has permissions for), posing a significant threat of data leakage or corruption. The `web_request` tool can make arbitrary HTTP GET requests, which could be exploited for Server-Side Request Forgery (SSRF) or to interact with internal network resources. Crucially, the FastAPI REST API server (`api_server.py`) has no authentication implemented: there is no API key enforcement, and CORS is configured with `allow_origins='*'`, so all of its powerful tools are accessible to anyone who can reach the server's endpoint. While SQL queries are restricted to 'SELECT', direct execution of raw query strings could still be vulnerable to injection without robust input sanitization by the ODBC driver. The `DB_CONFIG` is hardcoded, which is generally poor practice but not a direct security flaw in this specific 'trusted connection' setup.

Stats

Interest Score: 0
Security Score: 2
Cost Class: Medium
Avg Tokens: 750
Stars: 0
Forks: 0
Last Update: 2025-11-19

Tags

LLM Tools, REST API, MCP, Database, File Operations