dovetail-mcp

mcp
Security Audit
Warn
Health Warn
  • License — License: MIT
  • Description — Repository has a description
  • Active repo — Last push 0 days ago
  • Low visibility — Only 8 GitHub stars
Code Warn
  • process.env — Environment variable access in src/index.ts
  • network request — Outbound network request in src/index.ts
  • fs module — File system access in yarn.config.cjs
Permissions Pass
  • Permissions — No dangerous permissions requested
Purpose
This is the official Model Context Protocol (MCP) server designed to connect AI clients directly to the Dovetail API. It allows AI tools to query and interact with your Dovetail data.

Security Assessment
The overall risk is Low. The tool requires you to provide your Dovetail API token via standard environment variables, which is a secure configuration method, and there are no hardcoded secrets. Outbound network requests are expected and necessary to communicate with the Dovetail API. There are no dangerous permissions requested and no execution of arbitrary shell commands. The detected file system access is limited to build configurations, which is normal for TypeScript/Node.js projects.

Quality Assessment
This is an actively maintained official project with its last code push occurring today. It uses the standard, permissive MIT license. However, the tool currently has very low community visibility with only 8 GitHub stars, meaning it has not been broadly tested or vetted by the open-source community yet.

Verdict
Safe to use, provided you follow standard practices for managing your API tokens.
SUMMARY

Official Dovetail MCP Server

README.md

Dovetail MCP Server

A Model Context Protocol (MCP) server for connecting AI tools to the Dovetail API.

Prerequisites

Installation

Option 1: Download Pre-built Script

  1. Download the latest index.js here
  2. Head over to configuration to continue

Option 2: Setup from Source

  1. Clone the repository:

    git clone https://github.com/dovetail/dovetail-mcp.git
    cd dovetail-mcp
    
  2. Install dependencies:

    yarn install
    
  3. Build the project:

    yarn build
    
  4. Locate and copy the dist/index.js filepath (this will copy the path to your clipboard for the configuration step):

    realpath dist/index.js | pbcopy
    

Configuration

We recommend setting this up in an MCP client like Claude or Cursor by entering the following:

Claude: Please see the MCP website for step by step instructions

Cursor: Navigate to Settings → Tools & Integrations → Add Custom MCP

{
  "mcpServers": {
    "dovetail-mcp": {
      "command": "node",
      "args": ["<path-to-your-index-js-file>"],
      "env": {
        "DOVETAIL_API_TOKEN": "<YOUR_TOKEN>"
      }
    }
  }
}

License

MIT

Reviews (0)

No results found