open-feishu-mcp-server
Verified Safeby ztxtxwd
Overview
A remote Model Context Protocol (MCP) server with integrated Feishu (Lark) OAuth for securely connecting AI agents and clients to Feishu's API ecosystem, enabling AI-powered automation and interaction within Feishu documents, sheets, and other services.
Installation
npm run devEnvironment Variables
- FEISHU_APP_ID
- FEISHU_APP_SECRET
- COOKIE_ENCRYPTION_KEY
Security Notes
The server leverages `zod` for robust input validation, which is a strong security practice. Secrets like `FEISHU_APP_ID`, `FEISHU_APP_SECRET`, and `COOKIE_ENCRYPTION_KEY` are handled securely via Cloudflare Workers' `wrangler secret` mechanism, not hardcoded. A potential, albeit low, risk exists in `mediaUploadTool`'s ability to fetch content from a user-provided URL without explicit validation of the URL itself (SSRF if the upstream AI agent can provide malicious URLs). There's also a hardcoded dependency on an external `svg-to-png.tapeless.eu.org` service for SVG conversion, introducing a supply chain risk.
Similar Servers
mcp-server
Provides secure OAuth-based authentication and a set of tools for querying and retrieving data from ThoughtSpot instances, acting as a Model Context Protocol (MCP) server for integration with various Large Language Models (LLMs).
remote-mcp-server-authless
Provides an unauthenticated remote Model Context Protocol (MCP) server for integrating custom tools with AI models on Cloudflare Workers.
remote-mcp-server
This server provides a remote Model Context Protocol (MCP) endpoint on Cloudflare Workers, demonstrating how to integrate custom tools with AI agents (like Claude) and manage OAuth-based authentication.
n8n-mcp-server
Deploys a remote Model Context Protocol (MCP) server on Cloudflare Workers for exposing AI tools without requiring authentication.