Back to Home
cgoinglove icon

better-chatbot

Verified Safe

by cgoinglove

View Source

Overview

An open-source AI chatbot for individuals and teams, featuring multi-AI support, powerful tools, image generation, automation, and real-time voice assistance.

Installation

Run Command
docker compose up

Environment Variables

  • BETTER_AUTH_SECRET
  • OPENAI_API_KEY
  • GOOGLE_GENERATIVE_AI_API_KEY
  • ANTHROPIC_API_KEY
  • XAI_API_KEY
  • OLLAMA_BASE_URL
  • GROQ_API_KEY
  • OPENROUTER_API_KEY
  • EXA_API_KEY
  • POSTGRES_URL
  • REDIS_URL
  • MCP_CONFIG_PATH
  • MCP_MAX_TOTAL_TIMEOUT
  • OPENAI_COMPATIBLE_DATA
  • DISABLE_DEFAULT_AVATAR
  • DISABLE_SIGN_UP
  • MICROSOFT_CLIENT_ID
  • MICROSOFT_CLIENT_SECRET
  • MICROSOFT_TENANT_ID
  • GOOGLE_CLIENT_ID
  • GOOGLE_CLIENT_SECRET
  • GITHUB_CLIENT_ID
  • GITHUB_CLIENT_SECRET
  • FILE_STORAGE_TYPE
  • FILE_STORAGE_PREFIX
  • FILE_STORAGE_S3_REGION
  • FILE_STORAGE_S3_BUCKET
  • FILE_STORAGE_S3_ENDPOINT
  • FILE_STORAGE_S3_PUBLIC_BASE_URL
  • NEXT_PUBLIC_PASSWORD_REGEX_PATTERN
  • NEXT_PUBLIC_PASSWORD_REQUIREMENTS_TEXT
  • VERCEL_URL
  • VERCEL_PROJECT_PRODUCTION_URL

Security Notes

The server uses `new Function()` for JavaScript execution and `pyodide.runPythonAsync` for Python execution. While these are inherently risky, the code attempts to mitigate this by running in the user's browser (client-side) and includes basic safety checks (e.g., forbidden keywords, suspicious patterns). The `httpFetchTool` allows the LLM to make arbitrary HTTP requests from the server, which could lead to Server-Side Request Forgery (SSRF) or unauthorized data access if not strictly controlled by LLM system prompts and/or network configurations (e.g., whitelisting). Sensitive API keys and configurations are correctly handled via environment variables. Input validation is applied using Zod schemas. Overall, conscious efforts are made towards security, but the dynamic tool usage requires vigilant monitoring and strong LLM guardrails.

Similar Servers

line-bot-mcp-server

502

Facilitates automated interactions and rich menu management for LINE Official Accounts by integrating AI agents via the Model Context Protocol.

Coding Agents
9
$Low

whatsapp-mcp-ts

40

Connects a personal WhatsApp account to an AI agent, enabling the agent to search messages and contacts, list chats, retrieve message history, and send messages via WhatsApp.

Communication
8
$Medium

mu-mcp

2

A minimal MCP server designed to enable chat with various AI models via OpenRouter, with a focus on persistent, multi-model conversations.

AI & ML
8
$High

chatsuite

1

A full-stack monorepo platform integrating multiple AI, database, and automation services for enhanced collaboration and productivity.

Communication
6
$Low

Stats

Interest Score99
Security Score7
Cost ClassHigh
Avg Tokens1000
Stars928
Forks297
Last Update2025-12-04

Tags

AIChatbotLLMToolsWorkflowsImage GenerationWeb SearchCode Execution