toolception
Verified Safe by code-rabi
Overview
Provides a dynamic Model Context Protocol (MCP) server toolkit for runtime toolset management, exposure control, and robust permission-based access control for AI agents.
Installation
npm run dev:server-demo
Environment Variables
- PORT
- STARTUP_MODE
- TOOLSETS
- MCP_CLIENT_ID
Security Notes
The server framework incorporates sound security practices, including Zod schema validation on custom HTTP endpoints, a clear separation of concerns for permission resolution, and safe error responses that avoid leaking the existence of unauthorized toolsets. Client IDs are either supplied via request headers or generated anonymously; non-anonymous IDs are cached. The system largely delegates tool execution and module loading to user-provided handlers and resolvers, so the overall security of the server depends heavily on the security of the implemented tools and permission logic. The framework itself supplies the mechanisms needed to build a secure system, such as explicit validation of permission configurations and reserved HTTP paths. No direct 'eval' calls or obvious hardcoded secrets were found.
Similar Servers
agent-mcp-gateway
An MCP gateway that aggregates multiple downstream MCP servers, providing policy-based access control and on-demand tool discovery to optimize context window usage for agents and subagents.
mcp-optimizer
Acts as an intelligent intermediary MCP server, providing semantic tool discovery, caching, and unified access to multiple MCP servers for AI clients.
mcp-maintainer-toolkit
This server provides a Model Context Protocol (MCP) interface with various tools and resources designed to assist in maintaining, testing, and developing MCP repositories and clients.
mcp_tools_server
An MCP server that empowers an LLM to act as a comprehensive, multi-platform AI assistant capable of managing files, system processes, web browsing, personal organization, and media control on a local device.