dovetail-mcp
mcp
Warn
Health Warn
- License — License: MIT
- Description — Repository has a description
- Active repo — Last push 0 days ago
- Low visibility — Only 8 GitHub stars
Code Warn
- process.env — Environment variable access in src/index.ts
- network request — Outbound network request in src/index.ts
- fs module — File system access in yarn.config.cjs
Permissions Pass
- Permissions — No dangerous permissions requested
Purpose
This is the official Model Context Protocol (MCP) server designed to connect AI clients directly to the Dovetail API. It allows AI tools to query and interact with your Dovetail data.
Security Assessment
The overall risk is Low. The tool requires you to provide your Dovetail API token via standard environment variables, which is a secure configuration method, and there are no hardcoded secrets. Outbound network requests are expected and necessary to communicate with the Dovetail API. There are no dangerous permissions requested and no execution of arbitrary shell commands. The detected file system access is limited to build configurations, which is normal for TypeScript/Node.js projects.
Quality Assessment
This is an actively maintained official project with its last code push occurring today. It uses the standard, permissive MIT license. However, the tool currently has very low community visibility with only 8 GitHub stars, meaning it has not been broadly tested or vetted by the open-source community yet.
Verdict
Safe to use, provided you follow standard practices for managing your API tokens.
This is the official Model Context Protocol (MCP) server designed to connect AI clients directly to the Dovetail API. It allows AI tools to query and interact with your Dovetail data.
Security Assessment
The overall risk is Low. The tool requires you to provide your Dovetail API token via standard environment variables, which is a secure configuration method, and there are no hardcoded secrets. Outbound network requests are expected and necessary to communicate with the Dovetail API. There are no dangerous permissions requested and no execution of arbitrary shell commands. The detected file system access is limited to build configurations, which is normal for TypeScript/Node.js projects.
Quality Assessment
This is an actively maintained official project with its last code push occurring today. It uses the standard, permissive MIT license. However, the tool currently has very low community visibility with only 8 GitHub stars, meaning it has not been broadly tested or vetted by the open-source community yet.
Verdict
Safe to use, provided you follow standard practices for managing your API tokens.
Official Dovetail MCP Server
README.md
Dovetail MCP Server
A Model Context Protocol (MCP) server for connecting AI tools to the Dovetail API.
Prerequisites
- Node.js 22 or higher (download Node from nodejs.org)
- A Dovetail API token (see Dovetail API Documentation for details on obtaining one)
Installation
Option 1: Download Pre-built Script
- Download the latest
index.jshere - Head over to configuration to continue
Option 2: Setup from Source
Clone the repository:
git clone https://github.com/dovetail/dovetail-mcp.git cd dovetail-mcpInstall dependencies:
yarn installBuild the project:
yarn buildLocate and copy the
dist/index.jsfilepath (this will copy the path to your clipboard for the configuration step):realpath dist/index.js | pbcopy
Configuration
We recommend setting this up in an MCP client like Claude or Cursor by entering the following:
Claude: Please see the MCP website for step by step instructions
Cursor: Navigate to Settings → Tools & Integrations → Add Custom MCP
{
"mcpServers": {
"dovetail-mcp": {
"command": "node",
"args": ["<path-to-your-index-js-file>"],
"env": {
"DOVETAIL_API_TOKEN": "<YOUR_TOKEN>"
}
}
}
}
License
MIT
Reviews (0)
Sign in to leave a review.
Leave a reviewNo results found