gym-mcp-server
Verified Safe by AgentRing
Overview
Expose any Gymnasium environment as an MCP (Model Context Protocol) server via HTTP/REST and MCP endpoints for AI agent integration.
Installation
python -m gym_mcp_server --env CartPole-v1 --host localhost --port 8000
Security Notes
The server uses `importlib.import_module` to dynamically load environment classes specified by the `--entry-point` command-line argument at startup. While this is a common Python extensibility pattern and not directly exposed via an API endpoint, it means that if an attacker could control the server's startup command (e.g., via a misconfigured deployment), they could potentially load arbitrary Python code. API endpoints (`/reset`, `/step`, etc.) are protected by FastAPI's Pydantic validation and internal checks against the Gymnasium action space, mitigating common injection risks. No obvious hardcoded secrets or other direct code execution vulnerabilities from user input via HTTP were found.
Similar Servers
mcpo
Exposes Model Context Protocol (MCP) tools as OpenAPI-compatible HTTP servers.
mcp-servers
A curated collection of Model Context Protocol (MCP) server configurations to integrate various developer tools and services with AI agents.
tmcp
A server implementation for the Model Context Protocol (MCP) to enable LLMs to access external context and tools.
zeromcp
A minimal, pure Python Model Context Protocol (MCP) server for exposing tools, resources, and prompts via HTTP/SSE and Stdio transports.