orla
Verified Safe
by dorcha-inc
Overview
Orla is a runtime for Model Context Protocol (MCP) servers that automatically discovers and executes executable tools from the filesystem, exposing them via HTTP or stdio transports for use by AI models.
Installation
orla
Security Notes
The server's core functionality involves executing arbitrary local commands from the configured 'tools_dir' or 'tools_registry'. While arguments are passed to child processes securely (not directly interpolated into a shell command by Orla), the security of the system fundamentally relies on the user ensuring that the executable tools themselves are trusted, well-audited, and correctly handle their inputs to prevent vulnerabilities like shell injection within the tool's logic. No authentication or authorization is built into the HTTP endpoint beyond the MCP protocol, requiring external security measures like firewalls or proxies for production deployments. The project's `SECURITY.md` explicitly highlights these considerations. The 'avg_tokens_per_call' metric is not applicable as this server executes local commands and does not process LLM tokens itself.
Similar Servers
mcpm.sh
Centralized management for Model Context Protocol (MCP) servers, including discovery, installation, execution, and sharing, with client integration and usage analytics.
mcp-filesystem-server
Provides secure and controlled access to the local filesystem via the Model Context Protocol (MCP) for AI agents and other applications.
mcp-k8s-go
An MCP server enabling AI assistants and users to interact with and manage Kubernetes clusters by listing, getting, applying, and executing commands on Kubernetes resources.
k8s-mcp-server
Provides a standardized Model Context Protocol (MCP) interface for interacting with and managing Kubernetes clusters and Helm releases, enabling automation and integration with CLI tools, web applications, and AI agents.