montage-mcp-server
by hyperflow-wms
Overview
Generates astronomical image mosaic workflows using the Montage toolkit through an MCP server interface, primarily for integration with LLMs like Claude Desktop.
Installation
cat /tmp/example-dss.json | docker run --rm -i -v "$PWD/workflows:/workflows" montage-mcp-server:latestSecurity Notes
Critical shell injection vulnerability in workflow generation scripts (`montage-workflow-yaml.py`, `montage-workflow-wfformat.py`): User-controlled inputs (`survey`, `band`) are directly interpolated into shell commands (`mArchiveList`, `mDAGTbls`, `mOverlaps`), allowing arbitrary command execution. Critical container escape vulnerability: The `docker-compose.yml` mounts `/var/run/docker.sock` into the `hyperflow` container, giving it root access to the host's Docker daemon. Use of `yaml.UnsafeLoader` in `server.py` could be a deserialization vulnerability if the generated YAML is ever untrusted, though in current context it loads self-generated content.
Similar Servers
ironmanus-mcp
Orchestrates AI workflows with an 8-phase control flow and specialized tools, serving as a Model Context Protocol (MCP) server.
iron-manus-mcp
Orchestrates AI workflows with an 8-phase control flow and focused tools, acting as a Model Context Protocol (MCP) server for complex project management.
imgenx
AI image and video generation and processing, functioning as a command-line tool or MCP server.
Local_MCP_Client
The client acts as a cross-platform web and API interface for natural language interaction with configurable MCP servers, facilitating structured tool execution and dynamic agent behavior using local LLMs.