simple_local_rag
by dataML007
Overview
A multi-modal Retrieval-Augmented Generation (RAG) system for querying PDF documents with conversation memory via a Streamlit UI, FastAPI backend, and MCP server integration.
Installation
./start_mcp.sh
Environment Variables
- OPENAI_API_KEY
- API_HOST
- API_PORT
- STREAMLIT_SERVER_PORT
- MCP_SERVER_PORT
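The backend reads these variables with `os.getenv`. A minimal sketch of how the configuration might be loaded — the default values below are illustrative assumptions, not the project's actual defaults:

```python
import os

def load_config() -> dict:
    # Hypothetical defaults; the real values belong in a .env file
    # that is excluded from version control.
    return {
        "openai_api_key": os.getenv("OPENAI_API_KEY", ""),
        "api_host": os.getenv("API_HOST", "127.0.0.1"),
        "api_port": int(os.getenv("API_PORT", "8000")),
        "streamlit_port": int(os.getenv("STREAMLIT_SERVER_PORT", "8501")),
        "mcp_port": int(os.getenv("MCP_SERVER_PORT", "8765")),
    }
```

Ports are cast to `int` so a malformed value fails fast at startup rather than deep inside a network call.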
Security Notes
The system reads API keys with `os.getenv` and recommends storing them in a `.env` file excluded from version control, which is good practice. File uploads are written to temporary files and checked for an explicit `.pdf` extension, reducing direct path-traversal risk. The `VectorStore` persists chunk metadata with `pickle.dump` and `pickle.load`; if an attacker could tamper with the `chunks.pkl` file, loading it could execute arbitrary code (a deserialization vulnerability). For a 'local' RAG system this risk is mitigated by the assumption of trusted local file access. Finally, the FastAPI backend uses `allow_origins=["*"]` for CORS, which is acceptable for local development but a security risk in production deployments.
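One way to harden the pickle path: store chunk metadata as JSON instead, so a tampered file raises a parse error rather than executing arbitrary code on load. This is a sketch, not the project's actual code — the `chunks.json` filename and the chunk schema here are illustrative assumptions:

```python
import json
from pathlib import Path

# JSON can only represent plain data (dicts, lists, strings, numbers),
# so loading an attacker-modified file cannot trigger code execution
# the way pickle.load can.
def save_chunks(chunks: list[dict], path: str = "chunks.json") -> None:
    Path(path).write_text(json.dumps(chunks))

def load_chunks(path: str = "chunks.json") -> list[dict]:
    return json.loads(Path(path).read_text())
```

The trade-off is that JSON cannot serialize arbitrary Python objects, so this only works if the chunk metadata is plain data; embeddings themselves would still live in the vector index.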
Similar Servers
pageindex-mcp
This MCP server acts as a bridge, enabling LLM-native, reasoning-based RAG on documents (local or online PDFs) for MCP-compatible agents like Claude and Cursor, without requiring a vector database locally.
mcp-raganything
Provides a FastAPI REST API and MCP server for Retrieval Augmented Generation (RAG) capabilities, integrating with the RAG-Anything and LightRAG libraries for multi-modal document processing and knowledge graph operations.
tiny_chat
A RAG-enabled chat application that integrates with various LLM backends (OpenAI, Ollama, vLLM) and a Qdrant vector database, offering web search capabilities and an OpenAI-compatible API.
agent-tool
A full-stack AI agent platform offering conversational AI with RAG, multi-LLM support, and extensible tooling via Model Context Protocol (MCP) servers.