admin
Verified Safeby decocms
Overview
The server acts as a control plane for Model Context Protocol (MCP) traffic, providing a unified API gateway for authentication, routing, and observability across various AI-native services and clients.
Installation
bun run devEnvironment Variables
- ENCRYPTION_KEY
- AUTH_SECRET
- DATABASE_URL
- PORT
- UNSAFE_ALLOW_STDIO_TRANSPORT
- DECO_CHAT_API_TOKEN
- DECO_CHAT_API_LOCAL
- DECO_SELF_URL
- MESH_URL
Security Notes
The project implements robust security features including role-based access control (RBAC), multi-tenancy, credential encryption via a vault, and detailed audit logging with OpenTelemetry. However, it includes a "code execution" feature that allows running user-provided JavaScript code in a sandbox. While sandboxing aims to provide isolation, dynamic code execution is inherently a high-risk attack surface, making perfect security extremely challenging and prone to potential vulnerabilities. Careful review of the sandbox implementation would be required for high-security environments. Production deployments should ensure all sensitive environment variables are correctly configured.
Similar Servers
mcp-use
A comprehensive framework for building full-stack Model Context Protocol (MCP) applications, including AI agents, MCP servers with UI widgets, and integrated debugging tools in both Python and TypeScript.
mesh
An open-source control plane for Model Context Protocol (MCP) traffic, providing unified authentication, routing, observability, and tool management for AI agents and integrations across various services.
mcp-kit
A CLI tool for scaffolding new Model Context Protocol (MCP) applications, including MCP Servers and Clients.
ironmanus-mcp
Orchestrates AI workflows with an 8-phase control flow and specialized tools, serving as a Model Context Protocol (MCP) server.