mcp-lab
Verified Safeby Preetnagda
Overview
A Next.js dashboard for registering and testing HTTP-based Model Context Protocol (MCP) servers, allowing manual tool interaction or LLM-orchestrated chat experiences.
Installation
npx sst devEnvironment Variables
- DATABASE_URL
- NEXTAUTH_SECRET
- EMAIL_API_KEY
- EMAIL_FROM
- ENCRYPTION_KEY
- NEXTAUTH_URL
- AUTH_TRUST_HOST
- NODE_ENV
Security Notes
The application demonstrates strong security practices, utilizing NextAuth.js for robust authentication and session management, including magic links and Drizzle adapter. Data access is strictly user-scoped across API routes, mitigating unauthorized access. Drizzle ORM prevents SQL injection vulnerabilities by default. OAuth 2.0 authorization code flow with PKCE and state/nonce protection is implemented via `oauth4webapi`. Sensitive API keys and OAuth tokens are encrypted at rest using AES-256-GCM with a key securely managed by SST secrets. Input validation for tool arguments is enhanced by `@rjsf/validator-ajv8` when JSON schemas are provided. A minor note is the hardcoded default `DATABASE_URL` in `sst.config.ts` for local development, which is overwritten by secrets in deployed environments.
Similar Servers
mcp-openapi-server
A Model Context Protocol (MCP) server that exposes OpenAPI endpoints as MCP tools, along with optional support for MCP prompts and resources, enabling Large Language Models to interact with REST APIs.
mcp-chat
An AI chat application that leverages Pipedream's Model Context Protocol (MCP) to integrate with thousands of APIs and perform tool-based actions, serving as a reference for building powerful AI chat solutions.
mcp-tools
Provides a TypeScript library to simplify building Model Context Protocol (MCP) clients and servers, enabling AI applications to securely access private user data through OAuth-based authentication flows.
toolhive-cloud-ui
A UI for interacting with AI models via OpenRouter and managing/utilizing MCP (Model Context Protocol) servers and their tools from a centralized catalog.