whoosh_rag_mcp
Verified Safeby jianlins
Overview
Provides full-text search for documentation to AI assistants using Whoosh, enabling RAG over up-to-date information.
Installation
python -m whoosh_rag_mcp.mcp_serverEnvironment Variables
- DOCS_ROOT
- INDEX_DIR
Security Notes
The core Python MCP server (mcp_server.py, doc_retriever.py) does not contain direct `eval`, hardcoded secrets, or network listeners (uses stdio). File operations are limited to configured `DOCS_ROOT` and `INDEX_DIR`. The primary risk lies in the configuration of `DOCS_ROOT` and `INDEX_DIR` environment variables by the host system or AI assistant client; if these point to untrusted or sensitive locations, it could lead to unintended file access or resource exhaustion. The associated VS Code extension uses `child_process.exec` to run the Python script, which is a potential vulnerability if the `pythonPath` configuration is maliciously set by the user, though the script path itself is fixed and arguments for search queries are quoted to mitigate injection.
Similar Servers
apple-rag-mcp
This MCP server provides AI agents with comprehensive, real-time access to Apple's developer documentation and WWDC video transcripts using advanced RAG (Retrieval Augmented Generation) techniques, combining semantic, keyword, and AI-powered hybrid search.
Context-Engine
A Retrieval-Augmented Generation (RAG) stack for codebases, enabling context-aware AI agents for developers and IDEs through unified code indexing, hybrid search, and local LLM integration.
flexible-graphrag
The Flexible GraphRAG MCP Server provides a Model Context Protocol (MCP) interface for AI assistants (like Claude Desktop) to interact with a sophisticated RAG and GraphRAG system for document processing, knowledge graph auto-building, hybrid search, and AI Q&A.
mcp-local-rag
A privacy-first, local document search server that leverages semantic search for Model Context Protocol (MCP) clients.