boilerplate-mcp-server
Verified Safeby aashari
Overview
This boilerplate provides a production-ready foundation for developing custom Model Context Protocol (MCP) servers in TypeScript to connect AI assistants with external APIs and data sources, exemplified by an IP geolocation lookup tool.
Installation
npm run mcp:httpEnvironment Variables
- TRANSPORT_MODE
- PORT
- DEBUG
- NODE_ENV
- IPAPI_API_TOKEN
Security Notes
The server uses standard HTTP/STDIO transports and fetches data from external APIs. It logs raw API responses to `/tmp/mcp/<project>/` for debugging, which is a temporary, controlled location and does not pose significant arbitrary file write risks. JMESPath filtering is used, which is a safe JSON query language, not susceptible to code injection. Configuration is handled securely via environment variables or a global config file (`~/.mcp/configs.json`). No direct 'eval' or other easily exploitable code execution patterns were found. The use of `spawn` is confined to CLI tests.
Similar Servers
mcp-use
A full-stack framework for building Model Context Protocol (MCP) servers, MCP clients, and AI agents in both Python and TypeScript, supporting interactive UI widgets and robust debugging.
mcp
A TypeScript SDK for building and interacting with Model Context Protocol (MCP) servers, facilitating AI agent interaction through exposed tools, prompts, and resources via JSON-RPC over HTTP/SSE.
mcp-agent-kit
Simplifies the creation and management of AI agents, chatbots, and Model Context Protocol (MCP) servers with various LLM providers.
mcp-typescript-simple
A production-ready MCP (Model Context Protocol) server for building AI agent backends, offering dual-mode operation (STDIO + Streamable HTTP with OAuth), multi-LLM integration, and comprehensive observability.