mcp-gateway
by abboahene
Overview
Aggregates multiple Model Context Protocol (MCP) servers into a single endpoint for clients like Claude Desktop or VS Code.
Installation
mcp-gateway startEnvironment Variables
- MCP_GATEWAY_GROUPS
- MCP_GATEWAY_CONFIG
Security Notes
The core functionality of the MCP Gateway involves executing user-defined commands and arguments for each configured MCP server using `child_process.spawn`. These commands are sourced directly from the `~/.mcp-gateway/config.json` file, which is user-editable. If this configuration file is compromised or a malicious entry is injected (e.g., through a malicious marketplace server listed in the desktop app, or by direct file modification), it could lead to arbitrary code execution (RCE) on the host system. Environment variables specified in the config are also passed directly to these spawned child processes, posing a risk of credential exfiltration if a malicious command is executed. While the user explicitly configures these commands, the gateway itself does not provide sandboxing for them, making configuration integrity critical. The README correctly advises securing the config file permissions (e.g., `chmod 600`).
Similar Servers
mcp-gateway
A multi-tenant secure proxy for AI clients to Ragie Model Context Protocol (MCP) services with WorkOS authentication and role-based access control.
chuk-mcp-server
A framework for building high-performance, modular, zero-configuration Model Context Protocol (MCP) servers, capable of hosting AI agent tools, resources, and prompts across local, containerized, and diverse cloud environments.
mcp-server-connect
The provided source code serves as a static biographical document detailing the life and legacy of Muhammad Ali Jinnah.
mcp-gateway
A simple HTTP proxy designed for monitoring and debugging requests and responses flowing between an MCP client and an MCP server.