mcp
by UniversalStandards
Overview
A self-expanding, intelligent Model Context Protocol (MCP) server that automatically discovers, installs, and provisions tools from public registries on-demand for AI applications.
Installation
npm startEnvironment Variables
- GITHUB_TOKEN
- GITHUB_REPO
- AI_PROVIDER
- AI_API_KEY
- AI_MODEL
- JWT_SECRET
- ENCRYPTION_KEY
Security Notes
CRITICAL: The `npmInstall` function in `src/installer/npm-installer.ts` directly executes `npm install ${serverId}` where `serverId` is user-controlled input, leading to potential arbitrary code execution and severe supply chain vulnerabilities. Additionally, `src/auth/jwt-handler.ts` and `src/auth/credential-store.ts` use hardcoded fallback secrets ('dev') for JWT signing and encryption if environment variables are not set, posing a significant risk in non-production environments or if not properly configured. These hardcoded fallbacks and the `npm install` vulnerability significantly reduce the security posture.
Similar Servers
mcphub
A hub for managing, orchestrating, and providing a unified API for various Model Context Protocol (MCP) servers and their tools, including user management, OAuth services, and discovery of external servers.
mcp-k8s
A Kubernetes MCP (Model Control Protocol) server that enables natural language interaction with Kubernetes clusters and Helm for resource and release management.
mcp-servers
An MCP server for fetching, cleaning, and intelligently extracting content from web pages, designed for agent-building frameworks.
ncp
A unified Model Context Protocol (MCP) orchestrator that enables semantic tool discovery, management, scheduling, and execution across a diverse ecosystem of connected AI tools and services.