Config is the same across clients — only the file and path differ.
{
"mcpServers": {
"pdf-report": {
"args": [
"-y",
"pdf-report-generator"
],
"command": "npx"
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
An MCP server that generates professional corporate PDF reports from structured JSON specs or raw LLM text output. Drop it into Claude Desktop (or any MCP client) and ask Claude to turn analysis, research, or meeting notes into a polished multi-page report complete with cover page, table of contents, executive summary, section headings, tables, and charts.
Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.
uvx 'reportlab' 2>&1 | head -1 && echo "✓ Server started successfully"
After testing, let us know if it worked:
Five weighted categories — click any category to see the underlying evidence.
ReportLab vulnerable to remote code execution via paraparser
paraparser in ReportLab before 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with '<unichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626.
Reportlab vulnerable to remote code execution
Reportlab up to and including v3.6.12 allows attackers to execute arbitrary code via supplying a crafted PDF file.
PYSEC-2021-146
All versions of package reportlab are vulnerable to Server-side Request Forgery (SSRF) via img tags. In order to reduce risk, use trustedSchemes & trustedHosts (see in Reportlab's documentation) Steps to reproduce by Karan Bamal: 1. Download and install the latest package of reportlab 2. Go to demos -> odyssey -> dodyssey 3. In the text file odyssey.txt that needs to be converted to pdf inject <img src="http://127.0.0.1:5000" valign="top"/> 4. Create a nc listener nc -lp 5000 5. Run python3 dody
PYSEC-2019-117
ReportLab through 3.5.26 allows remote code execution because of toColor(eval(arg)) in colors.py, as demonstrated by a crafted XML document with '<span color="' followed by arbitrary Python code.
Click any tool to inspect its schema.
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
Sign in to write a review.
Others in productivity
Dynamic problem-solving through sequential thought chains
Persistent memory using a knowledge graph
mini cli search engine for your docs, knowledge bases, meeting notes, whatever. Tracking current sota approaches while being all local
Local-first AI memory with knowledge graphs and hybrid search. 17+ AI tools via MCP. Free.
MCP Security Weekly
Get CVE alerts and security updates for io.github.themoddedcube/pdf-report-generator and similar servers.
Start a conversation
Ask a question, share a tip, or report an issue.
Sign in to join the discussion.
An MCP server that generates professional corporate PDF reports from structured JSON specs or raw LLM text output. Drop it into Claude Desktop (or any MCP client) and ask Claude to turn analysis, research, or meeting notes into a polished multi-page report complete with cover page, table of contents, executive summary, section headings, tables, and charts.
A sample output is at examples/sample_report.pdf.
Install Python dependencies:
pip install reportlab matplotlib
Add to your claude_desktop_config.json:
{
"mcpServers": {
"pdf-report": {
"command": "npx",
"args": ["-y", "pdf-report-generator"]
}
}
}
generate_reportGenerates a PDF from a full structured spec.
Minimal example input:
{
"spec": {
"metadata": {
"title": "Q3 Performance Review",
"author": "Engineering Team",
"company": "Acme Corp",
"classification": "INTERNAL"
},
"executive_summary": "Overall performance improved this quarter...",
"sections": [
{
"heading": "Infrastructure",
"body": "Uptime reached 99.94%...",
"subsections": []
}
],
"tables": [],
"charts": []
}
}
generate_report_from_textConverts raw text into a structured PDF report. Sections are auto-detected from headings.
{
"text": "# Overview\nThis quarter...\n\n# Key Findings\n...",
"title": "Q3 Summary",
"author": "Data Team",
"company": "Acme Corp",
"classification": "INTERNAL",
"theme_name": "navy"
}
list_themesReturns available color themes: default, navy, charcoal, forest, burgundy.
metadata
title* string
subtitle string
author string
date string (YYYY-MM-DD; defaults to today)
company string
department string
document_id string (e.g. RPT-2026-001)
classification string (PUBLIC | INTERNAL | CONFIDENTIAL)
logo_path string (absolute path to PNG/JPG)
page_size "letter" | "a4"
executive_summary string
sections[]
heading* string
body* string (\n\n = paragraph break)
subsections[]
heading* string
body* string
tables[]
title string
headers* string[]
rows* string[][]
after_section int (0-based section index; -1 = after exec summary)
charts[]
title string
type "bar" | "line" | "pie" | "horizontal_bar"
labels* string[]
datasets* [{label, values[]}]
after_section int
images[]
path* string (absolute path)
caption string
width_inches number
after_section int
theme
primary_color [R, G, B]
accent_color [R, G, B]
highlight_color [R, G, B]
Python not found — ensure python or python3 is on your PATH and is version 3.8+.
reportlab not installed — run pip install reportlab matplotlib.
Charts missing — matplotlib is required for charts. Install it with pip install matplotlib.
Large PDFs — complex specs with many charts can take 5–15 seconds. This is normal.
MIT