aduib-mcp-server
by chaorenex1
Overview
An MCP (Model Context Protocol) server that acts as an AI agent backend, integrating tools for web crawling, GitHub data retrieval, and RAG (Retrieval-Augmented Generation) over knowledge bases, and exposing these capabilities via APIs.
Installation
python app.py
Environment Variables
- FASTMCP_DEBUG
- FASTMCP_LOG_LEVEL
- FASTMCP_HOST
- FASTMCP_PORT
- REDIS_ENABLED
- REDIS_HOST
- REDIS_PORT
- REDIS_USERNAME
- REDIS_PASSWORD
- REDIS_DB
- REDIS_USE_SENTINEL
- REDIS_SENTINELS
- REDIS_SENTINEL_SERVICE_NAME
- REDIS_SENTINEL_USERNAME
- REDIS_SENTINEL_PASSWORD
- REDIS_SENTINEL_SOCKET_TIMEOUT
- REDIS_USE_CLUSTERS
- REDIS_CLUSTERS
- REDIS_CLUSTERS_PASSWORD
- REDIS_SERIALIZATION_PROTOCOL
- REDIS_ENABLE_CLIENT_SIDE_CACHE
- GITHUB_TOKEN
- GITHUB_GRAPHQL_URL
- GITHUB_API_TIMEOUT
- MEMORY_THRESHOLD_PRECENT
- SEMAPHORE_COUNT
- IDLE_TTL_SEC
- RATE_LIMITER_ENABLED
- RATE_LIMITER_BASE_DELAY
- CRAWLER_MAX_PAGES
- CRAWLER_LLM_BASE_URL
- CRAWLER_LLM_MODEL
- CRAWLER_EMBEDDING_MODEL
- CRAWLER_API_KEY
- CRAWLER_CONFIG_PATH
- LOG_LEVEL
- LOG_FORMAT
- LOG_TZ
- LOG_FILE
- LOG_FILE_MAX_BYTES
- LOG_FILE_BACKUP_COUNT
- LOG_FILE_LEVEL
- DB_ENABLED
- DB_DRIVER
- DB_HOST
- DB_PORT
- DB_USERNAME
- DB_PASSWORD
- DB_DATABASE
- DB_CHARSET
- DB_EXTRAS
- POOL_SIZE
- APP_NAME
- APP_DESCRIPTION
- APP_HOME
- APP_VERSION
- APP_HOST
- APP_PORT
- RPC_SERVICE_PORT
- RPC_SERVICE_HOST
- DOCKER_ENV
- APP_MAX_REQUESTS
- APP_MAX_WORKERS
- DEPLOY_ENV
- DEFAULT_USER_AGENT
- IS_SSL
- SSL_CERTFILE
- SSL_KEYFILE
- DEBUG
- AUTH_ENABLED
- AUTH_ISSUER_URL
- TRANSPORT_TYPE
- REMOTE_SETTINGS_SOURCE_NAME
- NACOS_SERVER_ADDR
- NACOS_NAMESPACE
- NACOS_GROUP
- NACOS_USERNAME
- NACOS_PASSWORD
- DISCOVERY_SERVICE_ENABLED
- DISCOVERY_SERVICE_TYPE
- SERVICE_TRANSPORT_SCHEME
- SNOWFLAKE_WORKER_ID
- SNOWFLAKE_DATACENTER_ID
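The variables above are supplied via the environment before launching the server. A minimal sketch of one way to do that — every value shown here is an illustrative assumption, not a documented default:

```shell
# Minimal illustrative configuration. Variable names come from the list
# above; the values are assumptions, not documented defaults.
export FASTMCP_HOST=0.0.0.0
export FASTMCP_PORT=8000
export FASTMCP_LOG_LEVEL=INFO

export REDIS_ENABLED=false   # leave Redis off unless a server is available
export DB_ENABLED=false      # likewise for the database backend

export GITHUB_TOKEN=<your-github-token>    # needed for GitHub data retrieval
export CRAWLER_API_KEY=<your-llm-api-key>  # see Security Notes below

python app.py
```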
Security Notes
A critical security flaw exists in the crawler configuration: `CRAWLER_API_KEY` is hardcoded as a bcrypt hash in `configs/crawl4ai/__init__.py`, and that same hash is passed directly as the `api_token` for external LLM calls in `configs/crawl4ai/crawl_rule.py` (e.g., in `LLMConfig` and `AdaptiveConfig`). A bcrypt hash is a one-way password digest, not a valid API token for any external service, so this indicates either a severe misconfiguration or direct exposure of sensitive information. In practice it will most likely cause LLM authentication to fail; if the value were somehow accepted by a provider, it could lead to a compromise. The server also relies on Playwright for web crawling, which downloads and runs browser binaries, enlarging the supply-chain risk and attack surface. Other security measures such as API key validation and resource limits are present, but this specific misconfiguration is the critical issue.
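One way to catch this class of misconfiguration early is to reject any value that looks like a bcrypt hash before it is used as an API token. A minimal sketch — the function names and the startup check are hypothetical, not part of this codebase:

```python
import re

# bcrypt hashes use the modular crypt format: $2a$/$2b$/$2y$, a two-digit
# cost factor, then 53 characters of base64-style salt + digest.
_BCRYPT_RE = re.compile(r"^\$2[aby]\$\d{2}\$[./A-Za-z0-9]{53}$")


def looks_like_bcrypt_hash(token: str) -> bool:
    """Return True if `token` is a bcrypt hash rather than a plausible API key."""
    return _BCRYPT_RE.match(token) is not None


def validate_api_token(token: str) -> str:
    """Fail fast if the configured token is actually a password hash
    (hypothetical startup guard)."""
    if looks_like_bcrypt_hash(token):
        raise ValueError(
            "CRAWLER_API_KEY looks like a bcrypt hash, not an API token; "
            "set the real provider key via the environment instead."
        )
    return token
```

With a guard like this, a key such as `sk-...` passes through unchanged, while a `$2b$12$...` value raises at startup instead of being sent to the LLM provider.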
Similar Servers
mcp-omnisearch
Provides a unified interface for various search, AI response, content processing, and enhancement tools via Model Context Protocol (MCP).
crawl-mcp
A comprehensive Model Context Protocol (MCP) server that wraps the crawl4ai library for advanced web crawling, content extraction, and AI-powered summarization from various sources including web pages, PDFs, Office documents, and YouTube videos.
playwright-mcp-server
Provides a robust, token-aware Playwright browser automation server for Large Language Models (LLMs) and coding agents to interact with web content, supporting advanced features like anti-detection and multi-page management.
firecrawl-mcp-server
A Model Context Protocol (MCP) server that provides web scraping, crawling, search, and structured data extraction capabilities using the Firecrawl API.