mcp-raganything
Verified Safeby Kaiohz
Overview
A FastAPI application providing a REST API and MCP server for Retrieval Augmented Generation (RAG) using the RAG-Anything library, integrated with Claude Desktop.
Installation
uv run --directory /absolute/path/to/mcp-raganything python -m src.mainEnvironment Variables
- OPEN_ROUTER_API_KEY
- RAG_STORAGE_TYPE
- COSINE_THRESHOLD
- MCP_TRANSPORT
- LIGHTRAG_API_URL
- POSTGRES_USER
- POSTGRES_PASSWORD
- POSTGRES_DATABASE
- POSTGRES_HOST
- POSTGRES_PORT
Security Notes
The application correctly uses environment variables for sensitive configurations like API keys, which is good practice. CORS `allow_origins` defaults to `["*"]`, which is overly permissive for production and should be restricted. File uploads via `/api/v1/file/index` save to a temporary directory; while generally safe, the processing by underlying libraries like `Docling` or `RAGAnything` should be sandboxed to prevent execution of malicious content, and `file.filename` should be robustly sanitized against directory traversal. Request forwarding to the LightRAG server carries `Authorization` headers, relying on LightRAG's security for handling these credentials. No direct `eval` or obvious command injection vulnerabilities were found in the provided code.
Similar Servers
context-portal
A database-backed Model Context Protocol (MCP) server for managing structured project context, designed to be used by AI assistants and developer tools within IDEs and other interfaces for Retrieval Augmented Generation (RAG) and prompt caching.
qdrant-loader
Provides intelligent Retrieval-Augmented Generation (RAG) capabilities by connecting a QDrant knowledge base with AI development tools like Cursor, Windsurf, and Claude Desktop, offering semantic, hierarchy-aware, and attachment-focused search for contextual code assistance and documentation lookup.
DAUT
An AI-powered tool for automatically generating and updating documentation for codebases, supporting multiple languages and exposing RAG capabilities via an MCP server.
ragflow-claude-desktop-local-mcp
This server integrates RAGFlow's knowledge base and document management APIs with LLMs like Claude Desktop, providing enriched context and enhanced retrieval capabilities through a Model Context Protocol (MCP) interface.