neo4j-yass-mcp
Verified Safeby hdjebar
Overview
A production-ready, security-enhanced Model Context Protocol (MCP) server that provides natural language querying capabilities for Neo4j graph databases using LLM-powered Cypher generation and performance analysis.
Installation
uv run --module neo4j_yass_mcp.serverEnvironment Variables
- NEO4J_URI
- NEO4J_USERNAME
- NEO4J_PASSWORD
- LLM_PROVIDER
- LLM_MODEL
- LLM_API_KEY
- MCP_TRANSPORT
- MCP_SERVER_PORT
Security Notes
The server implements a 6-layer defense-in-depth security architecture, including comprehensive query sanitization (Cypher injection, UTF-8 attacks, dangerous patterns), complexity limiting, read-only enforcement, audit logging, response size limiting, and per-client rate limiting. It explicitly blocks weak passwords and debug mode in production environments, enforces TLS for Neo4j connections, and mitigates OWASP Top 10 threats. All security checks occur *before* query execution.
Similar Servers
mcp-neo4j
The MCP Neo4j Cypher server enables AI models to interact with a Neo4j graph database, execute Cypher queries (read and write), explore the graph schema, and manage query performance and response sizes.
context-portal
Manages structured project context for AI assistants and developer tools, enabling Retrieval Augmented Generation (RAG) and prompt caching within IDEs.
mcp-server-elasticsearch
Connects Model Context Protocol (MCP) clients to Elasticsearch instances, enabling natural language queries and interactions with Elasticsearch indices and data.
mcp
Enables AI models (LLMs) to interact with a Neo4j graph database by providing a structured set of tools via the Model Context Protocol (MCP).