
mcp-server

by joelab1224

Overview

A multi-tenant server designed to dynamically load, compile, and execute AI tools (like user profiling and text analysis) within a sandboxed environment, exposing them via an API.

Installation

Run Command
python main.py

Environment Variables

  • ADMIN_API_KEY
  • API_KEY
  • MONGODB_URI
  • DATABASE_NAME

Security Notes

CRITICAL VULNERABILITY: `core/tool_compiler.py` explicitly includes `__import__` in the `safe_globals` dictionary passed to `exec`. A malicious tool can therefore import and execute arbitrary Python modules (e.g., `os`, `sys`, `subprocess`) regardless of the `dangerous_patterns` regex, which amounts to remote code execution. `SECURITY_RECOMMENDATIONS.md` explicitly identifies and warns against this flaw, but the fix it describes is not implemented in the provided compiler code. Additionally, the hardcoded default values for the `ADMIN_API_KEY` ('admin-key-123') and `API_KEY` ('dev-key-123') environment variables pose a risk if they are not changed in production. The system lacks robust AST-based validation, bytecode inspection, resource monitoring, and subprocess isolation, all of which `SECURITY_RECOMMENDATIONS.md` lists as necessary improvements.

Stats

Interest Score: 0
Security Score: 1
Cost Class: Medium
Avg Tokens: 1000
Stars: 0
Forks: 0
Last Update: 2025-11-27

Tags

  • Multi-tenant
  • Tool Execution
  • API
  • AI
  • Sandboxing