simple-mcp-rag
Verified Safeby alejandro-ao
Overview
An MCP server for Retrieval Augmented Generation (RAG) that ingests documents into a vector database and retrieves relevant information based on queries.
Installation
python rag_server.pyEnvironment Variables
- LLAMA_CLOUD_API_KEY
- LLAMA_RAG_DATA_DIR
- LLAMA_RAG_DB_DIR
Security Notes
The server performs extensive file system operations, including reading from a data directory (`SimpleDirectoryReader`) and managing a database directory (`shutil.rmtree` for resets). While these are core to its RAG functionality, a misconfigured `LLAMA_RAG_DATA_DIR` or `LLAMA_RAG_DB_DIR` environment variable could lead to reading sensitive files or deleting unintended directories. There are no obvious `eval` or arbitrary code execution vulnerabilities in the provided code snippets. External API calls are made to `LlamaParse`, which requires `LLAMA_CLOUD_API_KEY` (handled via environment variables). The primary risk is with environment variable configuration and the contents of the data directory if the server is exposed to untrusted inputs or runs in an untrusted environment.
Similar Servers
haiku.rag
An opinionated agentic RAG system that uses LanceDB for vector storage, Pydantic AI for multi-agent workflows, and Docling for document processing, exposing its capabilities as MCP tools for AI assistants.
mcp-local-rag
Provides a local RAG-like web search capability for LLMs through the Model Context Protocol without external APIs.
pageindex-mcp
Provides vectorless, reasoning-based RAG capabilities for LLMs to navigate and retrieve information from hierarchical document structures, primarily for long PDFs.
Archive-Agent
An intelligent file indexer with powerful AI search (RAG engine), automatic OCR, and a seamless MCP interface for document retrieval and question answering.