pdf_mcp_chromadb
Verified Safeby Tommertom
Overview
Provides a Model Context Protocol (MCP) server for processing PDF documents, generating local embeddings, and performing semantic search.
Installation
uvx mcp-pdf-chromaSecurity Notes
The server downloads PDFs from arbitrary URLs provided by the user, which introduces a potential Server-Side Request Forgery (SSRF) risk and resource consumption vulnerability if exposed to untrusted input without proper network segmentation. While it has file size limits and URL validation, a malicious actor could still attempt to download large files repeatedly or target internal network resources. There are no obvious hardcoded secrets, 'eval' usage, or other direct code execution vulnerabilities. The embedding model runs locally, avoiding external API security concerns.
Similar Servers
pageindex-mcp
This MCP server acts as a bridge, enabling LLM-native, reasoning-based RAG on documents (local or online PDFs) for MCP-compatible agents like Claude and Cursor, without requiring a vector database locally.
mcp-pdf-reader
Exposes local PDFs for reading, semantic search, chunking, and table extraction to MCP-compatible agents or via a CLI.
pdflens-mcp
This MCP server provides tools for reading and extracting information from PDF files, including text and images, designed for AI clients.
MCP-LocalFileResource-Server
The server provides LLMs and MCP clients with a standardized way to access, search, and process local files, including text, code, and PDFs, through Model Context Protocol resources and tools.