SillyTavern-MCP-Server
by bmen25124
Overview
Manages and integrates external tools and AI models with SillyTavern using the MCP protocol, allowing dynamic execution of local scripts or communication with remote services.
Installation
No command providedSecurity Notes
CRITICAL: The server plugin allows authenticated SillyTavern users to define and execute arbitrary commands on the host machine via the `/servers` API endpoint. The `startMcpServer` function uses `child_process.spawn` with user-provided `command`, `args`, and `env` values from the `mcp_settings.json` configuration or directly from API requests. This poses a severe security risk if SillyTavern's authentication is compromised, or if a malicious user intentionally configures dangerous commands, leading to potential remote code execution and full system compromise. HTTP transport options (streamableHttp, sse) also allow user-defined URLs and headers, creating potential for Server-Side Request Forgery (SSRF) or other network-based attacks.
Similar Servers
klavis
Develop and deploy AI agents that interact with a wide array of web services (e.g., Gmail, YouTube, LinkedIn, Supabase, Salesforce, Kubernetes) through a standardized Model Context Protocol (MCP), often orchestrated by an intelligent routing layer like Strata.
mcp-gateway
Aggregates multiple Model Context Protocol (MCP) servers into a single gateway, providing unified search, description, and invocation for their tools, primarily to mitigate context window limits for AI clients.
mcp-optimizer
Acts as an intelligent intermediary MCP server, providing semantic tool discovery, caching, and unified access to multiple MCP servers for AI clients.
mcp_tools_server
An MCP server that empowers an LLM to act as a comprehensive, multi-platform AI assistant capable of managing files, system processes, web browsing, personal organization, and media control on a local device.