mcp-foundry
by azure-ai-foundry
Overview
A Model Context Protocol (MCP) server for Azure AI Foundry, providing a unified set of tools for interacting with Azure AI models, knowledge bases (AI Search), evaluation services, and finetuning operations.
Installation
uvx --prerelease=allow --from git+https://github.com/azure-ai-foundry/mcp-foundry.git run-azure-ai-foundry-mcp --envFile .env
Environment Variables
- AZURE_OPENAI_ENDPOINT
- AZURE_OPENAI_API_KEY
- AZURE_OPENAI_API_VERSION
- AZURE_OPENAI_DEPLOYMENT
- AZURE_AI_PROJECT_ENDPOINT
- AZURE_AI_SEARCH_ENDPOINT
- AZURE_AI_SEARCH_API_KEY
- AZURE_AI_SEARCH_API_VERSION
- AZURE_TENANT_ID
- AZURE_CLIENT_ID
- AZURE_CLIENT_SECRET
- SEARCH_AUTHENTICATION_METHOD
- EVAL_DATA_DIR
- DEFAULT_AGENT_ID
- SWAGGER_PATH
- LABS_API_URL
- GITHUB_TOKEN
Security Notes
CRITICAL: The `az` helper function, used by `mcp.tool` functions like `create_azure_ai_services_account` and `create_foundry_project`, directly passes user-controlled `subscription_id` and `resource_group` parameters to `subprocess.run` without sufficient sanitization. This creates a severe command injection vulnerability.
CRITICAL: The dynamic Swagger tool execution (`swagger.py`) uses `url.replace(placeholder, str(param_value))` to construct URLs from path parameters without URL encoding. This allows for URL injection/path traversal if `param_value` contains malicious characters (e.g., `/../` or encoded slashes).
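The path-parameter issue in the second note, shown beside a hardened substitution. This is an added example, not code from the mcp-foundry repository; the function names, the `{name}` placeholder syntax and the `example.invalid` URL template are assumptions made for illustration.

```python
import re
from urllib.parse import quote

# Assumed placeholder syntax: OpenAPI-style {name} path parameters.
PLACEHOLDER = re.compile(r"\{([A-Za-z_][A-Za-z0-9_]*)\}")

# Constructed sample template (not taken from the project).
TEMPLATE = "https://example.invalid/api/projects/{project_id}/runs/{run_id}"


def build_url_unsafe(template, params):
    """Pattern described in the note: raw substitution with no encoding."""
    url = template
    for name, value in params.items():
        url = url.replace("{" + name + "}", str(value))
    return url


def build_url_safe(template, params):
    """Encode each value as exactly one path segment and reject dot segments."""
    def substitute(match):
        name = match.group(1)
        if name not in params:
            raise KeyError(f"missing path parameter: {name}")
        value = str(params[name])
        # quote() leaves "." unescaped, so "." and ".." must be refused outright.
        if value in ("", ".", ".."):
            raise ValueError(f"invalid path segment for {name!r}: {value!r}")
        # safe="" also encodes "/", "?", "#" and "%", so the value cannot add
        # segments, a query string or a fragment, and "%2F" becomes "%252F".
        return quote(value, safe="")

    # A single regex pass means substituted values are never re-scanned
    # for further placeholders.
    return PLACEHOLDER.sub(substitute, template)


if __name__ == "__main__":
    sample = {"project_id": "p1", "run_id": "../../admin?x=1"}  # constructed input
    print("unsafe:", build_url_unsafe(TEMPLATE, sample))
    print("safe:  ", build_url_safe(TEMPLATE, sample))
```

Percent-encoding only guarantees the client sends one segment; a backend that decodes `%2F` before routing still needs its own check.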
Similar Servers
tmcp
OAuth 2.1 authorization helper for Model Context Protocol (MCP) servers.
mcp-servers
Provides a curated collection of Model Context Protocol (MCP) server configurations to enable AI agents to interact with various developer tools and services.
mmcp
Manages Model Context Protocol (MCP) server definitions in a central configuration and applies them to various AI agent tools.
azure-devops-mcp-server
Exposes Azure DevOps operations as tools for AI assistants, enabling AI agents to automate tasks like creating work items, managing pull requests, and queuing builds.