MaxKB
by carglezfer
Overview
MaxKB is an enterprise-grade AI agent platform for building intelligent chatbots, knowledge bases, and complex workflows with various large language models.
Installation
docker run -d --name=maxkb --restart=always -p 8080:8080 -v ~/.maxkb:/opt/maxkb registry.fit2cloud.com/maxkb/maxkb
Environment Variables
- MAXKB_SECRET_KEY
- MAXKB_DB_ENGINE
- MAXKB_DB_NAME
- MAXKB_DB_USER
- MAXKB_DB_PASSWORD
- MAXKB_DB_HOST
- MAXKB_DB_PORT
- MAXKB_REDIS_BROKER_URL
- MAXKB_REDIS_BACKEND_URL
- MAXKB_DEFAULT_PASSWORD
- MAXKB_CONFIG_FILE
- OPENAI_API_KEY
- OPENAI_API_BASE
- AWS_ACCESS_KEY_ID
- AWS_SECRET_ACCESS_KEY
- TENCENTCLOUD_SECRET_ID
- TENCENTCLOUD_SECRET_KEY
- MOONSHOT_API_KEY
- DEEPSEEK_API_KEY
- VOLCANIC_ENGINE_ACCESS_KEY_ID
- VOLCANIC_ENGINE_SECRET_ACCESS_KEY
- DASHSCOPE_API_KEY
- SILICONCLOUD_API_KEY
- REGOLO_API_KEY
- XUNFEI_SPARK_APPID
- XUNFEI_SPARK_API_SECRET
- XUNFEI_SPARK_API_KEY
- ZHIPU_API_KEY
- XINFERENCE_API_BASE
- XINFERENCE_API_KEY
- VLLM_API_BASE
- VLLM_API_KEY
- OLLAMA_API_BASE
Security Notes
The application explicitly supports dynamic code execution through the `ToolExecutor().exec_code` function, which lets users define and run arbitrary Python code for custom tools. Keyword validation and a custom sandbox mechanism are attempted, but arbitrary code execution is an inherent and significant security risk, and the platform is susceptible to remote code execution (RCE) if an attacker can manipulate tool definitions. Sensitive information such as API keys for AI models and external services is handled through RSA encryption and stored in the database, which is good practice. User authentication tokens are stored in local storage in the UI, which can be vulnerable to Cross-Site Scripting (XSS) attacks.
Similar Servers
MaxKB
An enterprise-grade intelligent agent platform for building knowledge bases, RAG, complex workflows, and AI agents, targeting intelligent customer service and office assistants.
trigger.dev
Local development and AI agent interface for Trigger.dev workflows, enabling Python script execution and managing tasks, runs, and deployments.
npcpy
A comprehensive Python library and framework for building, evaluating, and serving LLM-powered agents and multi-agent systems, integrating fine-tuning capabilities, knowledge graphs, and scalable model operations, with a built-in Flask API server for deployment.
agents
The Inkeep Agents project is a comprehensive framework and SDK for building, managing, and running AI agents. This specific 'MCP Server' component (integrated within the Management API) provides a machine-readable API for managing agent configurations, tools, data components, and other project resources.