mcp-setting-all-server
Verified Safeby dreamwithrua
Overview
This is a TypeScript Model Context Protocol (MCP) server boilerplate designed for rapid development of custom AI-powered services, including tools for basic utilities, image generation, and code analysis, which can be connected to clients like Cursor.
Installation
node build/index.jsEnvironment Variables
- hfToken
Security Notes
The server uses Zod for schema validation, which is a good practice. It handles a Hugging Face API token through configuration, preventing hardcoding. Operations are well-defined (calculator, greeting, time, server info, image generation, code review prompt). No direct arbitrary code execution or filesystem access from external requests beyond specified functionalities is observed. The 'code_review' prompt sends user-provided code to an LLM, which carries inherent prompt injection risks if not carefully managed by the client application consuming the LLM's output. Large image payloads from the 'generate_image' tool could consume memory, but this is a resource management concern rather than a direct vulnerability in the server logic.
Similar Servers
mcp-typescript-template
This project provides a foundational TypeScript template for developing remote Model Context Protocol (MCP) servers with robust tooling and best practices.
mcp-typescript-starter
A feature-complete Model Context Protocol (MCP) server template in TypeScript demonstrating all major MCP features for AI assistant interaction.
my-mcp-server
A TypeScript boilerplate server implementing the Model Context Protocol (MCP) SDK, offering various tools like greeting, calculation, time, AI image generation, and a code review prompt, along with a server information resource.
ai-mcp-server-test
This boilerplate facilitates the rapid development of Model Context Protocol (MCP) servers in TypeScript, enabling them to expose various AI-powered tools and resources to MCP clients.