mcp-server-dump
Verified Safeby SPANDigital
Overview
A command-line tool to extract, analyze, and document the capabilities (tools, resources, prompts) of MCP (Model Context Protocol) servers in various formats, including Markdown, JSON, HTML, PDF, and Hugo sites.
Installation
docker run --rm -v "$(pwd):/workspace" -w /workspace ghcr.io/spandigital/mcp-server-dump:latest node server.jsSecurity Notes
The tool's core functionality involves executing user-provided commands (e.g., `node server.js`) to interact with MCP servers. While this is an intended feature, it introduces a significant security risk if the input `server-command` is untrusted or malicious. The code explicitly acknowledges this with `#nosec G204`. Other sensitive operations, such as file I/O for context files and Hugo output, include explicit path traversal protection and file size limits (`maxContextFileSize`). OAuth tokens are cached with restricted file permissions (`0o600`). Network interactions include timeouts and structured header parsing. No obvious hardcoded secrets or malicious patterns were found in the provided source code, making the tool itself reasonably secure, provided users supply trusted commands.
Similar Servers
mcpm.sh
MCPM is a command-line tool for managing Model Context Protocol (MCP) servers, enabling discovery, installation, execution, sharing, and integration with various MCP clients.
orla
Orla acts as a runtime for Model Context Protocol (MCP) servers, enabling the execution of lightweight open-source AI agents and command-line tools locally.
k8s-mcp-server
Interacting with Kubernetes clusters and Helm releases through a standardized Model Context Protocol (MCP) interface.
mcp-use-cli
An interactive command-line interface (CLI) tool for connecting to and interacting with Model Context Protocol (MCP) servers using natural language, acting as an AI client that orchestrates LLM responses with external tools.