MindbodyMCP
Verified Safeby vespo92
Overview
Provides AI assistants with comprehensive access to the Mindbody API for managing fitness and wellness studio operations, including classes, clients, staff, sales, appointments, and enrollments.
Installation
bunx github:vespo92/MindbodyMCPEnvironment Variables
- MINDBODY_API_KEY
- MINDBODY_SITE_ID
- MINDBODY_SOURCE_NAME
- MINDBODY_SOURCE_PASSWORD
Security Notes
Mindbody API credentials are securely managed via environment variables, which is a good practice. The server supports HTTPS, but requires manual configuration in production. Critical security settings for the SSE transport, such as CORS (`MCP_CORS_ORIGIN`) and DNS rebinding protection (`enableDnsRebindingProtection`), default to permissive values (`*` and `false` respectively) which are unsafe for production and require explicit hardening. Additionally, while `express-rate-limit` is a dependency, it is not explicitly shown being applied to the raw `http.createServer` instance used for the SSE endpoint in `src/index.ts`, posing a potential risk for rate limit exhaustion.
Similar Servers
mcp
Facilitates rapid development of Model Context Protocol (MCP) servers for AI client interaction within Laravel applications.
grafana-ui-mcp-server
This server provides AI assistants with comprehensive access to Grafana UI components, documentation, stories, design system tokens, and dependency analysis to aid in building observability interfaces, dashboards, and data visualization components.
stock_intelligence_mcp
This MCP server enables AI agents to access and analyze Yahoo Finance stock data, providing real-time information, technical analysis, and recommendations.
expenselm-mcp-server
This server likely functions as a backend API for an expense management system, potentially integrating with or serving an expense-specific language model.