douyin-mcp-server
by yc-w-cn
Overview
The Douyin MCP Server provides tools to parse Douyin video share links, extract watermark-free download URLs, download video files, and retrieve video information, designed for self-use or integration with automation tools.
Installation
pnpx @yc-w-cn/douyin-mcp-serverEnvironment Variables
- WORK_DIR
Security Notes
The `DouyinProcessor.parseShareUrl` function directly uses the user-provided `shareText` (after extracting the first URL via a broad regex) in an `axios.get` request. This initial request is not strictly validated against known Douyin domains before execution. This makes the server vulnerable to Server-Side Request Forgery (SSRF), where a malicious `share_link` could compel the server to make requests to arbitrary internal or external hosts. While subsequent logic attempts to construct Douyin-specific URLs, the first network request is a direct SSRF vector.
Similar Servers
ls-mcp
Command-line tool for discovering, analyzing, and reporting on Model Context Protocol (MCP) server configurations in a local development environment.
dokku-mcp
Exposes Dokku's management capabilities through the Model Context Protocol (MCP), enabling Large Language Models (LLMs) to interact with and manage a Dokku instance.
firemcp
Enables AI agents and LLMs to securely interact with Firestore databases through a Model Context Protocol (MCP) server, offering complete CRUD and query operations.
mcp-servers
This server acts as a Model Context Protocol (MCP) server, providing weather alerts and forecasts by integrating with the National Weather Service (NWS) API.