pmcp
Verified Safeby ViperJuice
Overview
Acts as a single MCP server for Claude Code to reduce context bloat by providing on-demand tool discovery and dynamic server provisioning.
Installation
uvx pmcpEnvironment Variables
- GROQ_API_KEY
- GITHUB_PERSONAL_ACCESS_TOKEN
- POSTGRES_URL
- BRAVE_API_KEY
- NOTION_TOKEN
- PMCP_CONFIG
- PMCP_POLICY
- PMCP_LOG_LEVEL
Security Notes
The server's core function involves spawning and managing external processes (other MCP servers or CLIs) via `asyncio.create_subprocess_exec`. While this is necessary for its design, it inherently relies on the trustworthiness of the manifest (`manifest.yaml`) and the integrity of installed downstream packages (npm/PyPI). The `PolicyManager` is implemented to mitigate risks through allow/deny lists for servers, tools, resources, and prompts, as well as output size caps and secret redaction. Crucially, a singleton lock and self-reference filtering are in place to prevent recursive spawning. No obvious `eval` or obfuscation was found, and hardcoded secrets are avoided by relying on environment variables. The primary security consideration is the vigilance required in managing and auditing the list of allowed external tools.
Similar Servers
claude-code-mcp
Acts as an MCP server to enable LLMs to run Claude Code CLI in one-shot mode, bypassing permissions for complex coding, file system, Git, and terminal operations.
mcp-memory-keeper
Provides persistent context management for Claude AI coding assistants, ensuring work history, decisions, and progress are preserved across sessions and context limits.
ncp
NCP acts as a universal adapter and orchestrator for Model Context Protocol (MCP) servers and tools. It provides a unified interface for discovery, execution, and management of diverse tools (local CLI, HTTP APIs, internal plugins/Photons, AI skills) through natural language and structured code interaction, enabling AI agents to interact with the broader digital ecosystem.
mcpick
Manages MCP server configurations for Claude Code to optimize context usage and performance by enabling/disabling servers, creating backups, and using profiles.