mcp-stata
Verified Safeby tmonk
Overview
Connects AI agents to a local Stata installation for executing commands, analyzing data, generating visualizations, and inspecting results.
Installation
uvx --refresh --from mcp-stata@latest mcp-stataEnvironment Variables
- STATA_PATH
- MCP_STATA_LOGLEVEL
Security Notes
The server includes an `eval()` function in `stata_client.py` for evaluating user-provided filter expressions. While `__builtins__` is restricted to an empty dictionary, `eval()` remains a pattern that requires careful scrutiny for potential sandbox escapes, especially if Stata variable names could be manipulated. `subprocess.run()` is used for specific tasks (e.g., Windows PNG export, log reading fallback) and sometimes with `shell=True`, but paths are typically generated internally via `tempfile`, mitigating direct shell injection risks from user input. The internal HTTP server for data browsing is restricted to localhost (`127.0.0.1`) and secured with short-lived bearer tokens, limiting external attack surface. Overall, common patterns with known risks are present but with noticeable mitigation strategies.
Similar Servers
5ire
A desktop AI assistant client that integrates with various LLM providers and connects to Model Context Protocol (MCP) servers for extended tool-use and knowledge base capabilities.
PowerBI-Desktop-MCP
Enables AI assistants to programmatically interact with Power BI Desktop models for data exploration, analysis, and modification.
us-census-bureau-data-api-mcp
The MCP Server provides a standardized API for AI assistants (LLMs) to access and process U.S. Census Bureau data and geography information, enabling data retrieval and analysis through an agent-like interface.
emacs-mcp-server
Connects Large Language Models (LLMs) to an Emacs environment, allowing LLMs to interact with and control Emacs functionality via the Model Context Protocol (MCP).