mesh
Verified Safeby decocms
Overview
A full-stack AI-native platform for building, deploying, and managing AI agents, workflows, and applications with integrated context management, access control, and observability.
Installation
bun run --cwd=apps/mesh devEnvironment Variables
- NODE_ENV
- ENCRYPTION_KEY
- MESH_JWT_SECRET
- DATABASE_URL
- BASE_URL
- DECO_CHAT_API_TOKEN
- DECO_CHAT_API_LOCAL
- DECO_SELF_URL
- RESEND_API_KEY
- SENDGRID_API_KEY
- RESEND_FROM_EMAIL
- SENDGRID_FROM_EMAIL
- MICROSOFT_SSO_CLIENT_ID
- MICROSOFT_SSO_CLIENT_SECRET
- VITE_USE_LOCAL_BACKEND
Security Notes
The system employs robust authentication (Better Auth), encryption for sensitive data at rest (AES-256-GCM with `ENCRYPTION_KEY`), and audit logging. However, the `DATABASES_RUN_SQL` tool allows arbitrary SQL execution; while permission-gated, misconfiguration of user roles could lead to severe database compromise. Input sanitization for this tool is implemented but requires careful review for edge cases. The MCP proxy's `x-mesh-token` with `configuration_state` and `permissions` is critical and its security relies entirely on proper permissioning. Fetching tools from external MCPs introduces a potential supply chain risk from malicious or compromised external sources.
Similar Servers
klavis
Creates an AI agent using LangChain in TypeScript that interacts with Gmail and YouTube through a Klavis Strata MCP server, enabling tasks such as summarizing YouTube videos and emailing the summaries.
mcp-context-forge
Retrieving web content (HTML, PDF, DOCX, etc.) and local files, then converting them to high-quality Markdown format. Supports multiple conversion engines, content types, and processing options like image handling and content optimization.
mcphub
Manages and orchestrates various Model Context Protocol (MCP) servers and their tools, providing a unified API gateway, UI, and optional smart routing for tool discovery.
MCPJungle
A self-hosted gateway and registry for Model Context Protocol (MCP) servers, allowing AI agents to discover and consume tools from a central location.