Paper_Review_generator
Verified Safeby yuezhang23
Overview
Provides a Model Context Protocol (MCP) server to expose OpenReview API functionalities (profile, notes, reviews, groups, invitations) as tools for AI models.
Installation
python openreview_mcp/openreview_mcp.pyEnvironment Variables
- OPENREVIEW_USERNAME
- OPENREVIEW_PASSWORD
- OPENREVIEW_BASEURL
Security Notes
The server uses environment variables (or .env file) for OpenReview credentials, which is good practice. It wraps the standard OpenReview Python SDK for API calls. Input parameters to API calls are passed to the SDK; potential injection vulnerabilities would typically depend on the SDK's handling. The `search_notes` function constructs a query string by joining terms, which could theoretically be a weak point if the underlying OpenReview SDK doesn't robustly escape search inputs. However, no direct `eval` or blatant malicious patterns were found. File uploads or code execution through the MCP server itself are not apparent. The broader `paper_chat_app` (also in the repository) includes file upload and PDF processing, which are handled with reasonable precautions (e.g., path traversal checks for serving files) but inherently carry more risk. This security score specifically pertains to the `openreview_mcp.py` file.
Similar Servers
mcpo
Exposes Model Context Protocol (MCP) tools as OpenAPI-compatible HTTP servers.
mcp-openapi-server
A Model Context Protocol (MCP) server that exposes OpenAPI endpoints as MCP tools, along with optional support for MCP prompts and resources, enabling Large Language Models to interact with REST APIs.
tmcp
A server implementation for the Model Context Protocol (MCP) to enable LLMs to access external context and tools.
opensearch-mcp-server-py
Enables AI assistants and LLMs to interact with OpenSearch clusters by providing a standardized Model Context Protocol (MCP) interface through built-in and dynamic tools.