Config is the same across clients — only the file and path differ.
{
"mcpServers": {
"era5-mcp-server": {
"args": [
"jupyterlab"
],
"command": "uvx"
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
This project provides a ready-to-run MCP (Model Context Protocol) server that interfaces with the Copernicus Climate Data Store (CDS). It allows you to use natural language in an AI assistant (like Gemini CLI or Claude Desktop) to fetch and inspect ERA5 climate data.
Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.
uvx 'jupyterlab' 2>&1 | head -1 && echo "✓ Server started successfully"
After testing, let us know if it worked:
Five weighted categories — click any category to see the underlying evidence.
JupyterLab's command linker attributes in HTML enable one-click command execution from untrusted content
JupyterLab's HTML sanitizer allowlists `data-commandlinker-command` and `data-commandlinker-args` on `button` elements, while `CommandLinker` listens for all click events on `document.body` and executes the named command without checking whether the element came from trusted JupyterLab UI. A notebook with a pre-saved HTML cell output containing a deceptive button can trigger arbitrary JupyterLab commands - including arbitrary code execution - on a single user click, without any code being submit
Jupyter Notebook Vulnerable to Authentication Token Theft via CommandLinker XSS
### Impact A stored Cross-Site Scripting (XSS) vulnerability in Jupyter Notebook allows attackers to steal authentication tokens from users who open malicious notebook files and interact with elements that the attacker can make look indistinguishable from legitimate controls (single click interaction). The vulnerability enables complete account takeover through the Jupyter REST API, allowing the attacker to: 1. Read all files 2. Modify/create files 3. Access running kernels and execute arbitra
HTML injection in Jupyter Notebook and JupyterLab leading to DOM Clobbering
### Impact The vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature. A malicious user can access any data that the attacked user has access to as well as perform arbitrary requests acting as the attacked user. ### Patches JupyterLab v3.6.8, v4.2.5 and Jupyter Notebook v7.2.2 were patched. ### Workarounds There is no workaround for the underlying DOM Clobbering susceptibility. However, select plugins
JupyterLab vulnerable to potential authentication and CSRF tokens leak
### Impact Users of JupyterLab who click on a malicious link may get their `Authorization` and `XSRFToken` tokens exposed to a third party when running an older `jupyter-server` version. ### Patches JupyterLab 4.1.0b2, 4.0.11, and 3.6.7 were patched. ### Workarounds No workaround has been identified, however users should ensure to upgrade `jupyter-server` to version 2.7.2 or newer which includes a redirect vulnerability fix. ### References Vulnerability reported by user @davwwwx via the [bug
JupyterLab vulnerable to SXSS in Markdown Preview
### Impact The vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature. A malicious user can access any data that the attacked user has access to as well as perform arbitrary requests acting as the attacked user. ### Patches JupyterLab v4.0.11 was patched. ### Workarounds Users can either disable the table of contents extension by running: ```bash jupyter labextension disable @jupyterlab/toc-extension
Click any tool to inspect its schema.
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
Sign in to write a review.
Others in data / maps
Manage Supabase projects — databases, auth, storage, and edge functions
Query and manage PostgreSQL databases directly from AI assistants
Zero-dependency, token-efficient database MCP server for Postgres, MySQL, SQL Server, MariaDB, SQLite.
A Model Context Protocol (MCP) server that enables secure interaction with MySQL databases
MCP Security Weekly
Get CVE alerts and security updates for Era5 Mcp Server and similar servers.
Start a conversation
Ask a question, share a tip, or report an issue.
Sign in to join the discussion.
This project provides a ready-to-run MCP (Model Context Protocol) server that interfaces with the Copernicus Climate Data Store (CDS). It allows you to use natural language in an AI assistant (like Gemini CLI or Claude Desktop) to fetch and inspect ERA5 climate data.
Before using the server, you must have a Copernicus account and an API key.
https://cds.climate.copernicus.eu/user/YOUR_USER_ID)..cdsapirc file: Create a file named .cdsapirc in your home directory (~/.cdsapirc on Linux/macOS, C:\Users\YourUser\.cdsapirc on Windows).YOUR_UID and YOUR_API_KEY with your actual values:
url: https://cds.climate.copernicus.eu/api/v2
key: YOUR_UID:YOUR_API_KEY
reanalysis-era5-single-levels-monthly-means and reanalysis-era5-pressure-levels-monthly-means), you must visit its page on the CDS website and accept the terms of use manually. The server cannot do this for you.A requirements.txt file is provided to install all necessary dependencies.
# Create and activate a Python virtual environment (recommended)
python -m venv venv
source venv/bin/activate # On macOS/Linux
# .\venv\Scripts\activate # On Windows
# Install the required packages
pip install -r requirements.txt
This server exposes the following tools to your AI assistant:
fetch_era5_single_levelsDownloads ERA5 monthly mean surface data.
variable (str): The surface variable to download (e.g., '2m_temperature').year (str): The year for the data (e.g., '2023').month (str): The month for the data (e.g., '01', '12').output_filename (str): The local path to save the file (e.g., 'data/2m_temp_2023_01.nc').fetch_era5_pressure_levelsDownloads ERA5 monthly mean data on specific pressure levels.
variable (str): The variable to download (e.g., 'geopotential', 'temperature').pressure_level (int): The pressure level in hPa (e.g., 500, 850).year (str or list[str]): The year(s) for the data. Can be a single year ('2023') or a list of years for multi-year downloads (['2020', '2021', '2022']).month (str): The month for the data (e.g., '03').output_filename (str): The local path to save the file.inspect_netcdfInspects a NetCDF file and returns a summary of its contents.
filepath (str): The absolute path to the .nc file to inspect.Once installed, you can run the MCP server directly from your terminal. This will make the tools available to your connected AI assistant.
python era5_server.py
To add the server to your assistant permanently:
gemini tools add era5_server.pylocalhost:8000, and the specification is available at http://localhost:8000/openapi.json.A Jupyter notebook, `te