simpolism/AstroMCP
Severity: high
An MCP server for querying astrological data.
This MCP server provides astrological chart functionality for AI assistants, allowing users to query detailed astrological data (planetary positions, ...
export async function getPlanetaryPositions(
  date: string,
  time: string,
  lat: number,
  lng: number,
): Promise<CalculationResult> {
  try {
    // Caller-supplied values are interpolated directly into the query string
    const url = `${ASTRO_API_ENDPOINT}?date=${date}&time=${time}&lat=${lat}&lng=${lng}`;
    const response = await fetch(url);

    if (!response.ok) {
      throw new Error(`HTTP error! status: ${response.status}`);
    }

    return await response.json();
  } catch (error) {
    console.error("API error:", error);
    throw new Error("Failed to get astrological data");
  }
}

Exploitable only if MCP is exposed to untrusted prompts (network_exposed). For local-only, severity would be medium.
The getPlanetaryPositions function builds a URL from the user-supplied date, time, lat, and lng parameters without validating them. Although the base URL is hardcoded, an attacker could inject additional query parameters or alter the URL structure by including special characters (e.g., '&', '#') in the date or time fields. This could lead to SSRF or parameter pollution attacks against the external API.
Impact
An attacker could manipulate the request sent to the external API, causing it to return unexpected data or to interact with other endpoints. If the external API is compromised, this could lead to SSRF or data exfiltration.
Fix
Validate and sanitize all user-supplied parameters (date, time, lat, lng) so they conform to the expected formats. Use URL encoding or parameterized requests to prevent injection. Consider using a library that constructs URLs safely.
export async function geocodeLocation(
  locationString: string,
): Promise<{ latitude: number; longitude: number }> {
  try {
    const params = new URLSearchParams();
    params.append("layer", "city");
    params.append("layer", "district");
    // The raw location string is passed through as the "q" query parameter
    params.append("q", locationString);
    params.append("limit", "1");

    const response = await fetch(
      `https://photon.komoot.io/api?${params.toString()}`
    );

Exploitable only if MCP is exposed to untrusted prompts (network_exposed). For local-only, severity would be medium.
The geocodeLocation function takes a user-provided location string and passes it directly as a query parameter to an external API (photon.komoot.io). While the URL is hardcoded, an attacker could manipulate the location string to include special characters or parameters that alter the request, leading to SSRF or other injection attacks. The function also does not validate or sanitize the location input, which could be used to probe internal networks if the external API were compromised or redirected.
Impact
An attacker could manipulate the location string so that the server makes requests to unintended endpoints, exfiltrates data, or performs SSRF attacks against internal services if the external API is compromised or the URL construction is exploited.
Fix
Validate and sanitize the location input so it contains only expected characters (e.g., alphanumeric characters, spaces, commas). Consider a whitelist of allowed characters or a regex pattern. Additionally, implement network-level controls that restrict outbound traffic to the necessary endpoints only.
export const getChart = async (args: GetChartSchema): Promise<string> => {
  try {
    // query lat + long from OSM; args.location is forwarded as received
    const { longitude, latitude } = await geocodeLocation(args.location);

    // query simple-astro-api with the caller's date and time
    const astroData = await getPlanetaryPositions(
      args.date,
      args.time,
      latitude,
      longitude,
    );

    // return chart2txt string
    return generateChartDescription(astroData, args.location);
  } catch (error) {
    console.error("Error in getChart:", error);
    throw new Error(`Failed to process name: ${(error as Error).message}`);
  }
};

Applicable to both network_exposed and local_only threat models. For local_only, severity would be low.
The getChart function accepts user-supplied location, date, and time parameters with no validation beyond what the schema (GetChartSchema) provides. The schema definition is not shown, but if it does not enforce strict formats (e.g., date format, allowed characters), an attacker could supply malformed input that causes unexpected behavior in the geocoding or planetary-position API calls.
Impact
An attacker could provide malformed input that causes the server to issue invalid API requests, potentially leading to denial of service, information disclosure, or injection attacks. Without proper validation, the server may also be vulnerable to other attacks such as SSRF or command injection if the input is used in other contexts.
Fix
Implement strict input validation for all user-supplied parameters. For location, use a whitelist of allowed characters. For date and time, enforce specific formats (e.g., YYYY-MM-DD for date, HH:MM for time). Use a validation library such as Zod to enforce schemas with regex patterns.