waldur-mcp-server
by waldur
Overview
Integrates Waldur instances with Claude Desktop via Model Context Protocol for API access and management.
Installation
uvx waldur-mcp-serverEnvironment Variables
- WALDUR_API_URL
- WALDUR_TOKEN
Security Notes
The 'query' tool allows arbitrary SQL queries to be executed against the Waldur API. Although it is described as 'read-only', directly exposing an SQL interface to an LLM without robust sanitization on the Waldur API side presents a critical SQL injection vulnerability and a high risk of unintended data exfiltration or manipulation. The 'schema_aware_query' prompt also provides a detailed database schema (meta.yaml) to the LLM, which further enables it to construct complex (and potentially malicious) SQL queries. Additionally, the 'create_invitation' tool performs a highly sensitive administrative action (inviting users and assigning roles) which, if misused or exploited via an LLM, could lead to unauthorized access or user management issues. There are no hardcoded secrets, as API credentials are expected from environment variables.
Similar Servers
claude-code-subagents-collection
The repository serves as a comprehensive marketplace and registry for Claude Code, offering a wide array of specialized AI agents, commands, hooks, and a catalog of external Model Context Protocol (MCP) servers to enhance development workflows.
mcp-manager
A web GUI to easily manage and configure Model Context Protocol (MCP) servers for the Claude Desktop app on MacOS, generating terminal commands for installation and setup.
datadog-mcp
Provides Datadog monitoring and management capabilities as a Model Context Protocol (MCP) server for Claude Desktop and other MCP clients.
aws-sa-tools-mcp-server
A Model Context Protocol (MCP) server that provides tools to interact with AWS services and an optional vector store for document search, primarily designed for integration with Claude Desktop.