mcp-server
by andreaskhachikyan-ops
Overview
The server acts as a flexible tool router and execution engine, allowing an LLM to dynamically select and invoke predefined tools (like web search, Wikipedia, or a local database) via an HTTP API based on user prompts.
Installation
node index.jsSecurity Notes
CRITICAL VULNERABILITIES: 1. The client-side `client.py` uses `eval()` on the LLM's function call arguments (`eval(tool_call["arguments"])`), leading to potential Remote Code Execution (RCE) if the LLM can be prompted to generate malicious Python code. 2. The server-side `connections/database.js` directly executes user-provided SQL queries (`db.all(sql)`) without any sanitization or parameterized queries, making it severely vulnerable to SQL Injection attacks.
Similar Servers
klavis
Develop and deploy AI agents that interact with a wide array of web services (e.g., Gmail, YouTube, LinkedIn, Supabase, Salesforce, Kubernetes) through a standardized Model Context Protocol (MCP), often orchestrated by an intelligent routing layer like Strata.
mcpo
Exposes Model Context Protocol (MCP) tools as OpenAPI-compatible HTTP servers.
bifrost
A high-performance AI gateway with a unified interface for multiple LLM providers, offering real-time monitoring and configuration.
mcp-omnisearch
Provides a unified interface for various search, AI response, content processing, and enhancement tools via Model Context Protocol (MCP).