MCP-Server
by jamesb97
Overview
A TCP server exposing various system interaction tools for an AI system (LLM) to consume via a structured JSON-based protocol.
Installation
npm run dev
Security Notes
CRITICAL: The server is vulnerable to path traversal attacks. The `listDir`, `searchFiles`, and `fileContent` tools directly use the `path` parameter provided by the client without sanitization. An attacker could provide paths like `../../../../etc/passwd` to read sensitive system files or `../../../../tmp/malicious.txt` to write arbitrary content, potentially leading to remote code execution or data exfiltration. This makes the server highly unsafe to run in any untrusted environment.
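A containment check that read-style tools such as `listDir`, `searchFiles` and `fileContent` could apply to the client-supplied `path` before touching the filesystem. This is an added example, not the project's own code; `resolveInsideRoot`, `demo` and the temporary root directory are assumptions made for illustration.

```javascript
const fs = require("node:fs");
const os = require("node:os");
const path = require("node:path");

// Hypothetical helper: map a client-supplied path to a real path that is
// guaranteed to live under `root`, or throw. Intended for read-style tools,
// so the target must already exist.
function resolveInsideRoot(root, clientPath) {
  if (typeof clientPath !== "string" || clientPath.includes("\0")) {
    throw new Error("invalid path");
  }
  const realRoot = fs.realpathSync(root);
  // path.resolve collapses ".." segments, and an absolute clientPath
  // replaces realRoot entirely, so resolving alone proves nothing.
  const candidate = path.resolve(realRoot, clientPath);
  // Follow symlinks so a link inside the root cannot point outside it.
  const real = fs.realpathSync(candidate);
  const rel = path.relative(realRoot, real);
  if (rel === ".." || rel.startsWith(".." + path.sep) || path.isAbsolute(rel)) {
    throw new Error("path escapes allowed root");
  }
  return real;
}

// Constructed test fixture: a throwaway root with one file and one symlink
// that points outside the root.
function demo() {
  const root = fs.mkdtempSync(path.join(os.tmpdir(), "mcp-root-"));
  fs.mkdirSync(path.join(root, "docs"));
  fs.writeFileSync(path.join(root, "docs", "a.txt"), "hello");
  fs.symlinkSync(os.tmpdir(), path.join(root, "link"));
  const inputs = ["docs/a.txt", "docs/../docs/a.txt",
                  "../../../../etc/passwd", "/etc/passwd", "link"];
  const results = {};
  for (const p of inputs) {
    try {
      resolveInsideRoot(root, p);
      results[p] = "allowed";
    } catch (err) {
      results[p] = "rejected";
    }
  }
  fs.rmSync(root, { recursive: true, force: true });
  return results;
}

console.log(demo());
```

The check compares real paths rather than testing the raw string for `..`, which is why the absolute path and the symlink are rejected along with the dot-dot sequence.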
Similar Servers
mcp-openapi-server
A Model Context Protocol (MCP) server that exposes OpenAPI endpoints as MCP tools, along with optional support for MCP prompts and resources, enabling Large Language Models to interact with REST APIs.
tmcp
A server implementation for the Model Context Protocol (MCP) to enable LLMs to access external context and tools.
claude-prompts-mcp
Enhances AI assistant behavior through structured prompt management, multi-step chains, quality gates, and autonomous verification loops, primarily for development tasks.
compound-mcp-server
Provides a Model Context Protocol (MCP) server for interacting with Groq models, including compound/meta models, exposing tools for real-time information and code execution capabilities from the Groq AI.