pdf_mcp_chromadb
Verified Safeby Tommertom
Overview
Provides a Model Context Protocol (MCP) server for processing PDF documents, generating local embeddings, and performing semantic search.
Installation
uvx mcp-pdf-chromaSecurity Notes
The server downloads PDFs from arbitrary URLs provided by the user, which introduces a potential Server-Side Request Forgery (SSRF) risk and resource consumption vulnerability if exposed to untrusted input without proper network segmentation. While it has file size limits and URL validation, a malicious actor could still attempt to download large files repeatedly or target internal network resources. There are no obvious hardcoded secrets, 'eval' usage, or other direct code execution vulnerabilities. The embedding model runs locally, avoiding external API security concerns.
Similar Servers
mcp-documentation-server
A local-first MCP server for document management, semantic search, and AI-powered document intelligence.
pageindex-mcp
Provides vectorless, reasoning-based RAG capabilities for LLMs to navigate and retrieve information from hierarchical document structures, primarily for long PDFs.
mcp-pdf-reader
Exposes local PDFs for reading, semantic search, chunking, and table extraction to MCP-compatible agents or via a CLI.
MCP-LocalFileResource-Server
The server provides LLMs and MCP clients with a standardized way to access, search, and process local files, including text, code, and PDFs, through Model Context Protocol resources and tools.