mcp-wrapper
Verified Safeby admannon
Overview
Acts as an MCP server wrapper to prefix tool names from multiple underlying MCP servers, preventing naming collisions.
Installation
npx mcp-wrapper --config '{"name":"my-wrapper","version":"1.0.0","servers":[{"name":"github","command":"npx","args":["-y","@modelcontextprotocol/server-github"]}]}'Security Notes
The wrapper itself does not contain obvious malicious patterns or direct 'eval' usage. However, it is designed to execute arbitrary commands ('command' field) or connect to arbitrary URLs ('url' field) as defined in its 'WrapperConfig'. This means the security posture is heavily reliant on the trustworthiness of the provided configuration. If an attacker can manipulate the 'mcp-wrapper.json' file or the 'MCP_WRAPPER_CONFIG' environment variable, they could achieve arbitrary code execution or initiate malicious network requests. The tool does not perform dynamic code execution based on *runtime* untrusted input to its own API, mitigating some risks. Server names are validated against the separator and for uniqueness, but 'command' and 'url' values are executed/connected as configured.
Similar Servers
mcpo
Exposes Model Context Protocol (MCP) tools as OpenAPI-compatible HTTP servers.
metamcp
MetaMCP acts as an MCP proxy to dynamically aggregate multiple MCP servers into a single unified MCP server endpoint, enabling middleware application and customized tool access for coding agents.
mcphub
An orchestration hub that aggregates, manages, and routes Model Context Protocol (MCP) servers and their tools, providing a centralized interface, user management, OAuth 2.0 authorization server capabilities, and AI-powered tool discovery and routing.
jetski
Jetski is an open-source platform providing analytics, authentication, and simplified client setup for Model Context Protocol (MCP) servers by acting as a proxy.