maxibridge
by acuvity
Overview
Maxibridge acts as a policeable dynamic gateway for Model Context Protocol (MCP) servers, allowing external agents to connect to, discover, and interact with various backend MCP services with security and policy enforcement.
Installation
maxibridge backend --listen :8080 --mcp-server-name my-mcp-server --registration-url http://localhost:8081 -- cat
Environment Variables
- MAXIBRIDGE_CONFIG
- MAXIBRIDGE_CONFIG_NAME
- MAXIBRIDGE_LOG_LEVEL
- MAXIBRIDGE_LOG_FORMAT
- MAXIBRIDGE_LISTEN
- MAXIBRIDGE_REGISTRATION_LISTEN
- MAXIBRIDGE_MCP_SERVER_NAME
- MAXIBRIDGE_REGISTRATION_URL
- MAXIBRIDGE_PUBLIC_URL
- MAXIBRIDGE_AGENT_TOKEN
- MAXIBRIDGE_POLICER_TYPE
- MAXIBRIDGE_POLICER_REGO_POLICY
- MAXIBRIDGE_POLICER_HTTP_URL
- MAXIBRIDGE_GATEWAY_NAME
- MAXIBRIDGE_GATEWAY_REPORT_TOKEN
- OTEL_EXPORTER_OTLP_ENDPOINT
- REGO_POLICY_RUNTIME_*
Security Notes
The backend component of Maxibridge directly executes arbitrary commands passed via command-line arguments (e.g., `maxibridge backend -- <command> [args...]`). This is an extreme security risk (flagged as G204): it allows the execution of any binary on the host if an attacker gains control over these arguments, even indirectly. While `setCaps` and `chroot` (on Linux/Darwin) are used to attempt sandboxing, fully securing arbitrary command execution is exceptionally difficult. The `cmd_others.go` build tag does not enable `chroot`, leaving non-Linux/Darwin systems even more exposed. Input validation and policy enforcement via `policer` exist at a higher level, but do not mitigate the underlying risk of spawning unsandboxed processes. `pkgs/scan/sbom.go` uses `os.ReadFile` (flagged as G304) to load SBOMs, which could be vulnerable to path traversal if the SBOM file path is user-controlled. Hardcoded secrets are not evident; credentials are managed through environment variables or flags.
Similar Servers
mcp-context-forge
Converts web content (HTML, PDF, DOCX, etc.) and local files from a URL into high-quality Markdown format. It supports multiple conversion engines, content optimization, batch processing, and image handling.
mcp-proxy
Acts as a transparent proxy for Model Context Protocol (MCP) servers, allowing switching between stdio, Server-Sent Events (SSE), and Streamable HTTP transports.
Unla
Transforms existing MCP Servers and APIs into MCP protocol-compliant endpoints through configuration, enabling LLM tool calling without code changes.
metamcp
MetaMCP acts as an MCP proxy to dynamically aggregate multiple MCP servers into a single unified MCP server endpoint, enabling middleware application and customized tool access for coding agents.