Model Context Protocol moderate risk

Bear

This MCP server allows access to Bear Notes data via SQL queries, enabling note retrieval, search, and tag listing, but requires careful configuration.

Connections & Capabilities

Connects To

GitHubSQLiteDocker

Capabilities

read

Quickstart

Install

npm install

npm

Config

{
    "mcpServers": {
        "bear": {
            "command": "docker",
            "args": [
                "run",
                "-v",
                "/Users/[YOUR_USER_NAME]/Library/Group Containers/9K33E3U3T4.net.shinyfrog.bear/Application Data:/app/db",
                "-i",
                "akseyh/bear-mcp-server"
            ]
        }
    }
}

Exposed MCP Tools (3)

safe

get_notes

Retrieves all notes from the Bear Notes database.

Read-only operation, no side effects.

safe

get_tags

Lists all tags from the Bear Notes database.

Read-only operation, no side effects.

safe

get_notes_like

Searches for notes containing specific text in the Bear Notes database.

Read-only operation, but SQL injection possible if not sanitized.

Safety Assessment

This MCP server is relatively safe for read-only operations if the database path is correctly configured and SQL queries are carefully managed. However, the lack of authentication and potential for SQL injection vulnerabilities make it risky if not properly secured.

Read-only access to notes via specific MCP tools.
No direct internet exposure.
Limited set of operations (read, search, list).
Requires local access to the Bear Notes database.

Requires access to the local Bear Notes SQLite database, potentially exposing sensitive data.
SQL injection risk if queries are not properly sanitized.
Potential for information disclosure if access is not properly controlled.
No built-in authentication or authorization mechanisms.
Relies on user-provided configuration for database access.