openapi-mcp
Verified Safeby abumalick
Overview
Enables LLMs to explore OpenAPI specifications by loading, listing, and detailing API endpoints, parameters, and schemas.
Installation
npx -y @abumalick/openapi-mcpSecurity Notes
The server can fetch OpenAPI specifications from arbitrary URLs provided by the LLM, posing a potential Server-Side Request Forgery (SSRF) risk if not properly isolated or access-controlled in its deployment environment. Schemas are truncated to prevent excessive output, which also helps mitigate against very large (potentially malicious) schema definitions. No direct code execution vulnerabilities or hardcoded secrets were found.
Similar Servers
mcpo
Exposes Model Context Protocol (MCP) tools as OpenAPI-compatible HTTP servers.
mcp-openapi-server
A Model Context Protocol (MCP) server that exposes OpenAPI endpoints as MCP tools, along with optional support for MCP prompts and resources, enabling Large Language Models to interact with REST APIs.
inspector
An interactive developer tool for testing, debugging, and monitoring MCP (Model Context Protocol) servers, including their tools, prompts, resources, and UI widgets.
openapi-mcp-server
Converts OpenAPI specifications into Model Context Protocol (MCP) tools, enabling AI assistants to interact with APIs.