deflang/infura-mcp
criticalQuery blockchains with plain English — instant, structured, and developer-friendly.
This MCP server allows developers to query Ethereum blockchain data using natural language via Infura APIs. It provides a set of read-only and write t...
6export const servers = ExpressHttpStreamableMcpServer(
7 { name: "infura-mcp" },
8 (server) => {
9 for (const tool of tools) {
10 server.tool(tool.name, tool.description, tool.schema, tool.handler);
11 }
12 }
13);// Source file not analyzed: src/tools/index.ts
// Finding inferred from import chain: src/index.ts:3 → src/tools/index.ts
// Exploitable if the tool handler interprets the query in an unsafe manner (e.g., passing to an LLM or eval). Since the server is network-exposed, remote attackers can send malicious queries.
The 'query_blockchain' tool accepts a plain English query string and processes it to query blockchain data. If the handler interprets the query in a way that allows injection (e.g., constructing a natural language prompt to an LLM or executing dynamic code), an attacker could craft a malicious query to manipulate the behavior, extract sensitive information, or execute unintended actions. Since the MCP server is network-exposed, this is a significant attack surface.
ImpactAn attacker could inject prompts that cause the tool to return data outside the intended scope, leak API keys or internal information, or perform actions not intended by the tool's design.
FixSanitize and validate the query input. Avoid using the query string directly in any LLM or code execution context. Use parameterized queries or strict parsing to ensure only expected blockchain queries are processed.