mcp-web-client
Verified Safeby hemanth
Overview
A web-based client for connecting to and interacting with multiple Model Context Protocol (MCP) servers, enabling chat interaction with AI models via their tools, resources, and prompts.
Installation
npm install && npm run devEnvironment Variables
- NODE_ENV
Security Notes
The application uses backend proxy routes for all external API calls (MCP servers, LLMs, OAuth), preventing API keys from being exposed client-side and mitigating CORS issues. OAuth 2.0 implementation adheres to best practices including PKCE (Proof Key for Code Exchange) and state parameter for CSRF protection. The client dynamic registration is handled securely. MCP Apps (HTML content) are rendered within sandboxed iframes, and inter-frame communication follows the defined SEP-1865 protocol, minimizing injection risks. The primary 'network risk' is inherent to its function as a universal client capable of connecting to arbitrary, user-defined external services; users must be aware of the trustworthiness of the MCP servers they choose to connect to. There are no obvious hardcoded secrets or malicious patterns.
Similar Servers
mcpm.sh
Centralized management for Model Context Protocol (MCP) servers, including discovery, installation, execution, and sharing, with client integration and usage analytics.
mcp-omnisearch
A Model Context Protocol (MCP) server that provides unified access to multiple search providers, AI tools, and content processing/enhancement features through a single interface.
sagemcp
A scalable platform for hosting Multi-tenant Model Context Protocol (MCP) servers with multi-tenant support, OAuth integration, and connector plugins for various services.
mcp-server-playground
A Model Context Protocol (MCP) server that acts as an OAuth proxy for 3rd party authorization servers like Auth0, provides stateful session management, and exposes various tools for system time, streaming, project keyword searching, and AWS services (S3, ECS, CloudWatch Logs, Bedrock).