mcp-openapi-schema-explorer
Verified Safeby kadykov
Overview
Provides token-efficient, granular access to OpenAPI (v3.0) and Swagger (v2.0) specifications via MCP Resources, enabling LLMs and MCP clients to explore API structure without loading entire large files into context.
Installation
npx -y mcp-openapi-schema-explorer@latest <path-or-url-to-spec> --output-format yamlSecurity Notes
The server loads and processes OpenAPI/Swagger specification files from local paths or remote URLs. This functionality inherently involves file system and network access via the 'swagger2openapi' library. While the code itself does not contain explicit malicious patterns, hardcoded secrets, or direct 'eval' calls, processing untrusted external specification files could, in theory, expose vulnerabilities in the underlying parsing libraries (e.g., 'swagger2openapi', 'js-yaml'). The input 'specPath' is provided via command-line arguments by the MCP client runner, so the immediate risk is tied to the trustworthiness of the provided specification file.
Similar Servers
mcpo
Exposes Model Context Protocol (MCP) tools as OpenAPI-compatible HTTP servers.
mcp-openapi-server
Exposes OpenAPI endpoints as Model Context Protocol (MCP) tools, enabling Large Language Models (LLMs) to discover and interact with REST APIs through a standardized protocol.
mcp-server-dump
A command-line tool for extracting and documenting MCP (Model Context Protocol) server capabilities, tools, resources, and prompts in various output formats like Markdown, JSON, HTML, PDF, or Hugo site structures.
MyMCP
Dynamically convert any OpenAPI v3 specification into a fully-functional Model Context Protocol (MCP) server, exposing external APIs as MCP tools.