MCP-server
Verified Safeby winniehhy
Overview
A personal finance tracker for managing income and expenses, with optional synchronization to Notion.
Installation
cd backend && npm install && npm startEnvironment Variables
- PORT
- NOTION_API_KEY
- NOTION_DB_ID
Security Notes
The primary security risk is that all data is stored in a local `data.json` file, and the API has no authentication or authorization. Any client with network access to the API can read, add, or modify financial entries without credentials. While there are no obvious code injection vulnerabilities like `eval` or unsanitized database queries (as it's a JSON file), the lack of access control makes it unsuitable for multi-user environments or exposure beyond localhost. CORS is enabled, likely with default permissive settings, further opening it up.
Similar Servers
mcp-proxy
Proxies Model Context Protocol (MCP) server traffic, enabling communication between stdio-based clients/servers and HTTP-based transports like Server-Sent Events (SSE) or StreamableHTTP.
mcp-proxy
A TypeScript proxy that enables streamable HTTP and SSE access for Model Context Protocol (MCP) servers communicating over standard I/O.
mcpd-proxy
Provides a network proxy for Minecraft Protocol connections, facilitating traffic management and potential modifications.
mcp_server_ts
This is a Node.js server implementing a single tool ('create-user') for the Model Context Protocol (MCP), primarily for local integration via standard I/O.