simple-mcp-rag
Verified Safeby alejandro-ao
Overview
An MCP server for Retrieval Augmented Generation (RAG) that ingests documents into a vector database and retrieves relevant information based on queries.
Installation
python rag_server.pyEnvironment Variables
- LLAMA_CLOUD_API_KEY
- LLAMA_RAG_DATA_DIR
- LLAMA_RAG_DB_DIR
Security Notes
The server performs extensive file system operations, including reading from a data directory (`SimpleDirectoryReader`) and managing a database directory (`shutil.rmtree` for resets). While these are core to its RAG functionality, a misconfigured `LLAMA_RAG_DATA_DIR` or `LLAMA_RAG_DB_DIR` environment variable could lead to reading sensitive files or deleting unintended directories. There are no obvious `eval` or arbitrary code execution vulnerabilities in the provided code snippets. External API calls are made to `LlamaParse`, which requires `LLAMA_CLOUD_API_KEY` (handled via environment variables). The primary risk is with environment variable configuration and the contents of the data directory if the server is exposed to untrusted inputs or runs in an untrusted environment.
Similar Servers
haiku.rag
Opinionated agentic RAG powered by LanceDB, Pydantic AI, and Docling to provide hybrid search, intelligent QA, and multi-agent research over user-provided documents, accessible via CLI, Python API, Web App, TUI, or as an MCP server for AI assistants.
mcp-local-rag
Provides a local, RAG-like web search tool for Large Language Models to retrieve current information and context.
qdrant-loader
A Model Context Protocol (MCP) server that provides advanced Retrieval-Augmented Generation (RAG) capabilities to AI development tools by bridging a QDrant knowledge base for intelligent, context-aware search.
local_faiss_mcp
Provides a local FAISS-based vector database as an MCP server for Retrieval-Augmented Generation (RAG) applications, enabling document ingestion, semantic search, and prompt generation.