mcp-studies
Verified Safeby LAB271
Overview
Demonstrates the fundamental architecture of an MCP server using stdio transport, showcasing core primitives like tools, prompts, and resources.
Installation
uv run spikes/000_stdio/main_mcp_server.pyEnvironment Variables
- LOG_LEVEL
- PYTHONUNBUFFERED
- SERVER_NAME
- FASTMCP_HOST
- FASTMCP_PORT
- NEO4J_AUTH
- NEO4J_HEAP_INITIAL
- NEO4J_HEAP_MAX
- NEO4J_USER
- NEO4J_PASSWORD
- NEO4J_HOST
- NEO4J_PORT
- NEO4J_DATABASE
- MCP_TRANSPORT
- POSTGRES_HOST
- POSTGRES_PORT
- POSTGRES_USER
- POSTGRES_PASSWORD
- POSTGRES_DB
Security Notes
The `calculate` tool uses `eval()` which is inherently dangerous, even with the `allowed_chars` filtering. While the filtering reduces common injection vectors, `eval()` can still be a source of vulnerabilities if not meticulously secured against all possible edge cases. Additionally, some Docker Compose files contain default hardcoded database credentials which could pose a risk if deployed without proper environment variable overrides.
Similar Servers
keyboard-local
Enables AI clients to execute real-world tasks through connected third-party tools (APIs, CLIs, SDKs) with human approval, leveraging a secure GitHub Codespace environment.
1mcp
Orchestrates AI agent tool calls by executing JavaScript/TypeScript code in a WASM sandbox, reducing LLM context bloat and managing security policies.
company-docs-mcp
Transforms organizational documentation into an AI-powered knowledge base for semantic search, Q&A via chat interface, Claude Desktop, and Slack integration.
mcp-4get
An MCP server providing LLM clients seamless access to the 4get Meta Search engine API for web, image, and news searches.