MCP-server
Verified Safeby winniehhy
Overview
A personal finance tracker for managing income and expenses, with optional synchronization to Notion.
Installation
cd backend && npm install && npm startEnvironment Variables
- PORT
- NOTION_API_KEY
- NOTION_DB_ID
Security Notes
The primary security risk is that all data is stored in a local `data.json` file, and the API has no authentication or authorization. Any client with network access to the API can read, add, or modify financial entries without credentials. While there are no obvious code injection vulnerabilities like `eval` or unsanitized database queries (as it's a JSON file), the lack of access control makes it unsuitable for multi-user environments or exposure beyond localhost. CORS is enabled, likely with default permissive settings, further opening it up.
Similar Servers
mcp-proxy
Acts as a transparent proxy for Model Context Protocol (MCP) servers, allowing switching between stdio, Server-Sent Events (SSE), and Streamable HTTP transports.
mcp-proxy
A TypeScript streamable HTTP and SSE proxy for MCP servers that use stdio transport.
solana-mcp-server
A Solana MCP (Multi-Chain Protocol) server that acts as a proxy for Solana RPC requests, offering enhanced capabilities like caching, metrics, and local sBPF program testing and management.
emceepee
A proxy server enabling AI agents to dynamically connect to and interact with multiple Model Context Protocol (MCP) backend servers, exposing the full MCP protocol via a simplified tool interface or a sandboxed JavaScript execution environment.