php-mcp
Verified Safeby dtyq
Overview
Facilitates communication and integration between LLM applications and external data sources or tools by implementing the Model Context Protocol (MCP).
Installation
php examples/stdio-server-test.phpSecurity Notes
The server demonstrates robust message validation (UTF-8, JSON-RPC 2.0 structure, MCP stdio format) and uses interfaces for authentication and session management, promoting a secure design. Session IDs are generated cryptographically. Text content is sanitized to remove control characters. Potential risks include insecure implementations of custom tools, prompts, or resource handlers registered by the user, and possible path traversal/SSRF vulnerabilities if user-provided URIs are not meticulously validated by custom resource handlers leveraging `file_get_contents` or similar. The `Access-Control-Allow-Origin: *` header in HttpTransport exposes the API to all origins, which is standard for public APIs but should be noted.
Similar Servers
fastmcp
FastMCP is an ergonomic interface for the Model Context Protocol (MCP), providing a comprehensive framework for building and interacting with AI agents, tools, resources, and prompts across various transports and authentication methods.
tmcp
A server implementation for the Model Context Protocol (MCP) to enable LLMs to access external context and tools.
mcp-server
This plugin implements a Model Context Protocol (MCP) server for WordPress, exposing WordPress's data and functionality through its REST API to AI clients.
symfony-mcp-server
Build intelligent AI agents by transforming Symfony applications into Model Context Protocol (MCP) servers, enabling LLM interaction with application logic, tools, prompts, and resources.