Citation Finder Ai MCP Server by MEOK AI Labs
This MCP server implements citation formatting with reasonable auth checks and rate limiting, but contains several security concerns that require attention. The server makes unauthenticated HTTP requests to external APIs (Crossref, Semantic Scholar), implements rate limiting only client-side without reliable enforcement, and the auth_middleware relies on external network calls that fail open, allowing unlimited access if the verification endpoint is unreachable. Additionally, the codebase exhibits concerning patterns including hardcoded external URLs, environment variable exposure via monetization layers, and weak input validation on citation formatting functions. Supply chain analysis found 3 known vulnerabilities in dependencies (0 critical, 3 high severity). Package verification found 1 issue.
7 files analyzed · 15 issues found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
This plugin requests these system permissions. Most are normal for its category.
Add this to your MCP configuration file:
{
"mcpServers": {
"io-github-csoai-org-citation-finder-ai-mcp": {
"args": [
"-y",
"citation-finder-ai-mcp"
],
"command": "npx"
}
}
}Be the first to review this server!
by Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.
by mcp-marketplace · Developer Tools
Create, build, and publish Python MCP servers to PyPI — conversationally.
by Microsoft · Content & Media
Convert files (PDF, Word, Excel, images, audio) to Markdown for LLM consumption